Network Designs, Inc. · 2 weeks ago
Security Engineer - Continuous Diagnostics and Mitigation (CDM) #1673090
Network Designs, Inc. (NDi) is a leading Federal contractor specializing in information technology and network solutions for government customers. They are seeking a senior-level Security Engineer to lead secure configuration, continuous monitoring, and compliance engineering efforts, ensuring adherence to federal mandates and Zero Trust principles.
Responsibilities
Lead Secure Configuration Management baselines for applications, operating systems, databases, network devices, and platforms
Conduct Continuous Diagnostics and Mitigation (CDM) program activities: vulnerability management, configuration management, identity and access controls, and incident response
Perform risk assessments and manage POA&Ms; oversee Cybersecurity Assessment and Secure Mission (CASM) workflows
Implement and automate DISA STIG and SCAP standards across Windows, Red Hat, iOS/iPadOS, macOS, and Chrome environments
Design and enforce Zero Trust controls: micro-segmentation, least-privilege access, continuous verification of users, devices, and services
Apply NIST RMF (SP 800-37/800-53) controls from system categorization through continuous authorization
Facilitate FedRAMP compliance for cloud services; author and maintain SSPs, SARs, and authorization packages
Map security controls to CISA CDM dashboard metrics; integrate data into monitoring solutions
Collaborate with stakeholders to define baseline exceptions, track remediation progress, and report metrics
Maintain documentation in enterprise wiki and compliance portals; manage Jira boards for tasks and exceptions
Mentor junior security engineers and coordinate cross-team compliance reviews
Qualifications
Required
U.S. Citizenship is required
Must be able to obtain a Public Trust
Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field
Minimum 6 years of relevant experience in enterprise security engineering and compliance
Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), Certified Authorization Professional (CAP), Security+, Information Technology (IT) certification, or equivalent certification
In-depth understanding of the Continuous Diagnostics and Mitigation program and its phases
Proficiency in Zero Trust principles: micro-segmentation, least-privilege access, continuous verification
Expertise in the NIST Risk Management Framework (RMF) (SP 800-37/800-53)
Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model
Knowledge of FISMA requirements and annual reporting processes
Experience applying FedRAMP controls for cloud service providers and managing authorization packages
Strong knowledge of DISA STIG and SCAP automation for multiple OS platforms
Ability to map organizational controls to CISA CDM dashboard metrics and drive data integrations
Experience writing scripts in Python, PowerShell, or Bash for security automation and log analysis, and automating security control enforcement using Ansible, Terraform, or cloud-native security controls
Excellent communication, documentation, and stakeholder-management skills
Benefits
Comprehensive health, dental, vision, pet, and legal insurance
401(k) retirement matching
Paid leave
Paid holidays
Health and wellness programs
Employer-paid life and disability insurance
Professional development
Education benefits