Continuous Monitoring Engineer

Piper Companies is seeking a Continuous Monitoring Engineer to join a fully remote (U.S.

-based) cybersecurity and compliance services firm. This client-facing cybersecurity role focuses on vulnerability management, compliance monitoring, and cloud security across AWS, Azure, and GCP environments.

• Manage the full POA&M lifecycle, including risk justifications and deviation requests.
• Collect and maintain security evidence for monthly continuous monitoring (FedRAMP, HITRUST, PCI).
• Run and analyze vulnerability scans across OS, databases, web apps, and containers.
• Identify false positives and prepare risk assessments for federal stakeholders.
• Maintain system inventories and boundary documentation.
• Support vulnerability tools (Tenable, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender).
• Collaborate with engineering and SRE teams to integrate scanning into CI/CD pipelines.
• Track remediation activities and coordinate timelines with technical teams.
• Produce monthly compliance deliverables and vulnerability summaries.

• 3–5 years of experience in vulnerability management, continuous monitoring, or security operations.
• Hands‑on experience scanning OS, networks, databases, containers, and web apps.
• Experience with at least two cloud platforms (AWS, Azure, GCP).
• Familiarity with FedRAMP, HITRUST, or PCI frameworks.
• Administrator‑level cloud certification (AWS/Azure/GCP).
• Strong understanding of CVSS/CMSS scoring and NIST 800‑53 (RA‑5, SI‑2, CM‑6).
• Experience with STIGs, SCAP/SCC, and CIS Benchmarks.
• Scripting skills (Python, Power Shell, Bash).
• Strong communication and documentation skills.

• Cloud security certifications (AWS/Azure/GCP).
• Security+ or CISSP.
• Experience with container security tools (Trivy, Anchore, Snyk) and Kubernetes.
• Familiarity with SCA and SAST/DAST tools.
• Experience integrating security controls into CI/CD workflows.

• Fully remote (U.S.)
• Up to 10% travel
• Collaboration with engineering, SRE, compliance, and federal client teams

• Salary Range: $115,000 – $125,000
• Benefits:
  Medical, Dental, Vision, 401K, PTO, Sick Leave (as required), Holidays

#LI-RE1 #LI-REMOTE continuous monitoring engineer, vulnerability management, continuous monitoring, POA&M, FedRAMP, HITRUST, PCI, compliance monitoring, cloud security, AWS, Azure, GCP, CVSS, CMSS, NIST 800‑53, RA‑5, SI‑2, CM‑6, STIG, SCAP, CIS Benchmarks, Tenable, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender, Trivy, Anchore, Snyk, container security, Kubernetes, CI/CD, Dev Sec Ops , SCA, SAST, DAST, automation, Python, Power Shell, Bash, security documentation, compliance evidence, 3

PAO, federal security, cloud architecture, cloud governance, cloud compliance, vulnerability scanning, risk assessment, security reporting, client-facing, professional services, cloud environments, cloud operations, cloud tooling, security frameworks, zero trust, IAM, RBAC, MFA, SAML, OAuth, Linux, Windows, Agile, SCRUM, technical documentation, cloud consulting, hybrid cloud, multi-cloud.