Senior Cybersecurity Engineer

Senior Cybersecurity Engineer.

Location: Remote
Salary: $80,000 - $100,000 a year.
Employer: Aprio.

Responsibilities:
• Security control implementation: Implement and operate security controls across identity, network, compute, storage, key management, endpoint security, logging, and monitoring within the CUI boundary. 
• Access and privilege management: Administer role-based access, privileged access workflows, MFA/conditional access enforcement, service account governance, and secrets/cert lifecycle tasks. 
• Configuration baseline and hardening: Apply and maintain secure configuration baselines for in-scope systems and services. Investigate drift, remediate misconfigurations, and document exceptions with approvals. 
• Logging and detection operations: Ensure required logging is enabled and flowing to centralized monitoring. Help tune detections, investigate alerts, and support incident response procedures specific to the CUI environment. 
• Vulnerability and patch execution: Run vulnerability scans (or validate results), track remediation, coordinate patching, and verify closure. Manage remediation SLAs and support risk-based prioritization. 
• Change control support: Participate in change reviews for CUI-scoped systems, assess security impact, implement approved changes, and validate post-change security posture. 
• Evidence collection and audit readiness: Produce and maintain audit evidence (config snapshots, access reviews, logging verification, vulnerability reports, change records). Keep evidence organized, complete, and easy to validate. 
• Automation and reliability: Build lightweight automation to reduce manual work (repeatable deployments, configuration validation, evidence collection) and improve consistency without introducing risk. 
• Partner enablement: Support IT and delivery teams working inside the boundary by providing secure implementation guidance, troubleshooting, and clear “how-to” documentation.

Requirements:
• 4+ years in security engineering, cloud engineering, or security operations with hands-on responsibility for implementing controls. 
• Experience working in regulated or compliance-driven environments (CMMC, NIST 800-171, NIST 800-53, FedRAMP-aligned environments, SOC 2, ISO 27001, or similar). 
• Strong fundamentals in identity and access management, network segmentation concepts, encryption/key management basics, and centralized logging/monitoring. 
• Experience executing vulnerability management and patch workflows (scan, prioritize, remediate, validate). 
• Ability to write clear operational documentation and produce defensible evidence artifacts. 
• Strong collaboration skills with the ability to work across Security, IT, and delivery teams. 

⚡ Показать контакты

#Удаленка #ИБ