Apply on Employer Site

Chainbridge Solutions · 2 days ago

Cybersecurity Engineer

United States

Full-time

Remote

Senior Level, Lead/Staff

8+ years exp

Chainbridge Solutions is a recognized leader in federal software engineering and application modernization. They are seeking a highly experienced Cybersecurity Engineer to drive the advancement of their security posture across mission-critical systems, ensuring that systems and applications are securely designed, implemented, and maintained in accordance with federal cybersecurity frameworks.

AppsInformation TechnologyService IndustrySoftware

Growth Opportunities

No H1B

U.S. Citizen Only

Responsibilities

Develop and implement security policies and practices aligned with NIST and federal requirements, in support of client applications and AWS environments

Provide input on security architecture, support organizational approvals, and contribute to documentation such as scan summaries and patch validation notes

Ensure RMF compliance through continuous monitoring, audit preparation, and evidence collection

Analyze IAVA and ACAS scan results to assess risk and coordinate remediation with client technical teams and application owners

Manage the full vulnerability lifecycle (triage, CAT I/II prioritization, Jira tracking, scan validation), ensuring documentation meets client and RMF requirements

Perform threat modeling and vulnerability analysis during system design and development to proactively mitigate risks

Support incident response and risk mitigation activities in coordination with cross functional team

Guide project team in secure coding practices, including Fortify scans, STIG remediation, and adherence to CWE/SANS Top 25 and other secure design standards

Advise project teams on cybersecurity best practices, design strategies, and implementation approaches to support secure system development

Partner with system administrators and developers to implement and validate security controls in AWS cloud-based environments. Maintain the system's security posture in the cloud environment (e.g., AWS Cloud One), including ensuring data security and environment hardening

Serve as a cybersecurity SME and trusted advisor to client teams, ensuring alignment on security strategy, compliance, and risk posture

Participate in client facing meetings, Agile ceremonies, and security reviews to advocate for secure design and timely risk mitigation

Stay current with evolving cybersecurity threats, technologies, and best practices to inform and strengthen organizational security strategy

Qualification

CompTIA Security+NIST standardsApplication securityCloud-based securityDevSecOpsRisk assessmentSecure codingClient engagementThreat modelingVulnerability managementAdvanced security certificationsCommunication skills

Required

CompTIA Security+ certification is required

US Citizen and Completed Public Trust Investigation are required

Bachelor's degree in Cybersecurity, Computer Science, or a related field

At least 8 years of experience in cybersecurity, with significant experience supporting federal programs

Proficiency with advanced cybersecurity tools and practices, especially in DevSecOps environments (e.g., SAST, DAST, container security, configuration management, and IaC security)

Strong understanding of NIST standards and federal government security protocols

Demonstrated expertise in application security, secure coding, threat modeling, risk assessment, and cloud-based security

Strong written and verbal communication skills, with a particular emphasis on building trust and alignment with client cybersecurity stakeholders through clear, proactive, and collaborative engagement

Preferred

Advanced Security Certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or similar credentials