Cybersecurity Engineer – Mid 

Position Summary

Essential Duties and Responsibilities

• Provide cybersecurity engineering and technical implementation support for SBA ECS initiatives.
• Support Task Areas 3.5.4 and 3.5.4.5 by engineering, integrating, configuring, and maintaining enterprise cybersecurity technologies and security architectures.
• Assist with implementation and sustainment of Zero Trust Architecture (ZTA) initiatives aligned with NIST SP 800-207 and OMB M-22-09.
• Support cloud security engineering activities across Microsoft Azure, AWS, Microsoft 365, Dynamics 365, and SaaS environments.
• Engineer and maintain security controls supporting NIST SP 800-53, RMF, FISMA, FedRAMP, and SBA cybersecurity requirements.
• Support secure system design reviews, security architecture assessments, and technical security evaluations.
• Assist with deployment, configuration, integration, and optimization of cybersecurity tools including SIEM, EDR, vulnerability management, IDS/IPS, MFA, and security monitoring platforms.
• Perform vulnerability analysis, remediation validation, system hardening, and security configuration assessments.
• Support development and maintenance of cybersecurity engineering documentation, system diagrams, implementation guides, SOPs, and technical procedures.
• Collaborate with cybersecurity architects, SOC analysts, ISSOs, system administrators, cloud engineers, and program managers to implement enterprise security solutions.
• Provide technical support for incident response, forensic analysis, root cause investigations, and cybersecurity operations activities.
• Assist with automation, scripting, orchestration, and cybersecurity workflow optimization initiatives.
• Participate in continuous monitoring activities, log analysis, configuration reviews, and security compliance validation efforts.
• Support implementation of secure network architectures, segmentation strategies, access control solutions, and encryption technologies.
• Assist with engineering support for vulnerability scanning platforms, patch management solutions, and cybersecurity tool integrations.
• Provide technical recommendations to improve cybersecurity posture, operational efficiency, resilience, and risk mitigation.
• Support system security plan development, architecture documentation, and control implementation descriptions.
• Participate in technical working groups, engineering reviews, change control activities, and cybersecurity governance initiatives.
• Support modernization initiatives involving DevSecOps, automation, AI-enabled cybersecurity capabilities, and cloud transformation.
• Ensure engineering activities align with federal cybersecurity guidance, SBA standards, and enterprise security policies.

Minimum Qualifications

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, Information Systems, or related discipline. Relevant experience may substitute for degree requirements.
• Minimum of 5 years of experience supporting cybersecurity engineering, system security engineering, network security, cloud security, or federal cybersecurity operations.
• Experience implementing and maintaining enterprise cybersecurity technologies and security controls.
• Knowledge of NIST RMF, NIST SP 800-53, FISMA, FedRAMP, Zero Trust Architecture, and federal cybersecurity requirements.
• Experience supporting Microsoft Azure, AWS, Microsoft 365, or hybrid cloud security environments.
• Experience with cybersecurity tools such as SIEM, EDR, IDS/IPS, vulnerability scanners, endpoint security, and identity management platforms.
• Understanding of network security principles, system hardening, vulnerability management, encryption, and secure configuration management.
• Experience with scripting or automation technologies such as PowerShell, Python, Bash, or orchestration platforms preferred.
• Strong analytical, troubleshooting, communication, and technical documentation skills.
• Ability to support multiple cybersecurity engineering initiatives in a dynamic operational environment.
• Experience supporting federal agencies or government cybersecurity environments preferred.

Preferred Certifications

• Certified Information Systems Security Professional (CISSP)
• CompTIA Security+
• Certified Ethical Hacker (CEH)
• GIAC Security Certifications
• Microsoft Certified: Azure Security Engineer Associate
• AWS Certified Security – Specialty
• Certified Cloud Security Professional (CCSP)
• Cisco CyberOps or CCNP Security
• GIAC Certified Incident Handler (GCIH)
• Certified Information Security Manager (CISM)