Cyber Security Engineer (Reston, VA) jobs in United States
cer-icon
Apply on Employer Site
company-logo

SOSi · 11 hours ago

Cyber Security Engineer (Reston, VA)

positionReston, VA
timeFull-time
remoteHybrid
senioritySenior Level
date7+ years exp

SOSi is seeking an experienced Cybersecurity Engineer to join their team in Reston, VA. The role focuses on strengthening the company's security posture across various environments and involves engineering, implementing, and improving security controls to protect sensitive data.

ConsultingGovernmentInformation Technology
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote
Hiring Manager
Seble Stewart
linkedin

Responsibilities

Program Oversight: Lead SOSi Corporate Classified Information Systems and serve as the primary ISSM for all classified spaces
Compliance Frameworks: Develop and conduct risk assessment procedures to verify RMF/A&A safeguards in accordance with NISPOM/DAAPM, RMF, JSIG, and NIST 800-series (800-53, 800-171) guidelines
A&A Management: Direct all cybersecurity tasks including Authorization and Accreditation (A&A), risk management, vulnerability management, and privacy analysis
Authorization to Operate (ATO): Author and maintain critical security documentation, including System Security Plans (SSP) and Security Controls, to obtain and sustain system ATOs
Remediation: Collaborate with system owners to address Plan of Action and Milestones (POA&M) and conduct continuous evaluations of system security controls
Zero-Trust Implementation: Design and implement security reference architectures for endpoints, networks, identity, and cloud workloads aligned with zero-trust principles
Cloud Security: Engineer guardrails (policies, blueprints, landing zones), encryption, secrets management, and container security (Kubernetes) across Azure, AWS, GCP, or OCI using Infrastructure as Code (Bicep/Terraform)
Identity & Access Management (IAM): Enforce least-privilege, RBAC/ABAC, and MFA/conditional access across Microsoft Entra ID (Azure AD) and supporting directories
Operations: Build and tune detections (SIEM/EDR) and manage the end-to-end incident lifecycle: triage, evidence preservation, containment, eradication, and recovery
Continuous Monitoring: Define audit events, ensure reliable log collection/integrity, and generate compliance reports for leadership and external auditors
Active Defense: Coordinate with incident response teams to facilitate penetration testing, forensic analysis, and tabletop exercises
Vulnerability Management: Operate and mature the vulnerability management program (e.g., Qualys), tracking findings through remediation and Change Advisory Board (CAB) control
Data Safeguarding: Enforce classification/labeling and FIPS-validated encryption for CUI/FCI data at rest and in transit, including secure handling of removable media and sanitization
Secure Baselines: Implement and maintain secure configuration baselines based on CIS/STIG requirements

Qualification

Cyber SecurityCloud SecurityVulnerability ManagementRisk Management Framework (RMF)Incident ResponseIdentity & Access Management (IAM)Security TechnologiesRegulatory ComplianceAnalytical SkillsCommunication SkillsTeamworkDetail-orientedProblem-solving Skills

Required

Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field; OR equivalent experience
Minimum seven years of experience in cyber security or a related field
Strong understanding of network security, endpoint security, cloud security, and application security
Experience with security technologies such as intrusion detection/prevention systems, SIEM, antivirus software, and encryption techniques
Familiarity with regulatory requirements and standards such as CMMC, NIST, and ISO/IEC 27001
Strong analytical and problem-solving skills
Excellent communication and interpersonal abilities
Ability to work independently and as part of a team
Detail-oriented and committed to maintaining high standards of security
Proven track record of successfully managing and mitigating cyber threats and incidents
Experience in developing and implementing security strategies and policies

Preferred

Current active, in-scope DoD Secret clearance, with the ability to obtain a TS/SCI clearance
One or more relevant certifications: Security+, CISSP, CASP+, CCSP, CISM, GIAC (e.g., GCIH/GCIA/GCED/GCLD), AZ-500, SC-200/300, or cloud-provider security certs
Background with vulnerability management at scale (e.g., Qualys) and secure baseline management (CIS/STIG)
Familiarity with email security, DLP, MDM/MAM, ZTNA/secure web gateways, and container/Kubernetes security
Master's degree is a plus

Company

SOSi

twittertwittertwitter
Glassdoor3.0
company-logo
SOSi solves the challenges of the modern mission.
dateFounded in 1989
location
New York, New York, USA
people-size1001-5000 employees
web-link
http://www.sosi.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Jim Edwards
Chief Growth Officer
linkedin

Recent News

The Latest Tech News from Techreport
ICE Deploys AI to Watch What You Post Online
2025-11-01
EIN Presswire
NaVOBA Announces the 2025 Best Corporations for Veteran's Business Enterprises®
2025-10-06
citybiz
SOSi Appoints Andre Watson as Senior Account Executive
2025-08-21
Company data provided by crunchbase