Security Engineer II

Job Description

We are searching for a self-starter and problem solver who has familiarity with compliance and industry frameworks and standards. You will need to be ready to enhance these skills as a member of our Compliance Team initially focusing on continuous control monitoring for our FedRAMP environment. Must have US Citizenship

• Support Continuous Monitoring activities for FedRAMP and other compliance functions including, but not limited to NIST 800-53, ISO 27001 and Service Organization Control audits
• Update Continuous Monitoring documentation including Plan of Action and Milestones (POA&M), Deviation Requests and Monthly Executive Summary
• Perform a variety of daily activities to ensure FedRAMP security controls remain in compliance. Includes monitoring and assessing daily vulnerability reports related to FedRAMP-authorized systems to ensure compliance with federal security standards.
• Identify, track, and report emerging threats and vulnerabilities, coordinating with internal teams to support timely remediation efforts.
• Ensure all FedRAMP Continuous Monitoring documentation is submitted in a timely manner
• Work closely with internal and external auditors and act as a liaison to collect, prioritize and distribute details for FedRAMP audit
• Maintain awareness of updates to FedRAMP requirements and integrate relevant changes into monitoring processes. Requires monitoring laws and regulations to maintain FedRAMP ATO status
• Ability to work with multiple teams to drive reduction in risks and improve overall compliance
• All other duties as assigned

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances.

• Have 2+ years of experience in control assessment, third party risk and/or cybersecurity
• BS Engineering/Computer Science or equivalent experience required
• Foundational knowledge of security frameworks (FedRAMP, ISO
  27k, NIST, etc.)
• Proven experience in vulnerability management, including identification, assessment, tracking, and remediation of security vulnerabilities across enterprise environments.
• Hands-on experience with security tools such as vulnerability scanners and SIEM platforms
• Experience with security automation using scripting languages
• Proficiency in Microsoft Power Automate, including building, maintaining, and troubleshooting automated workflows to support business and security operations
• Excellent problem-solving skills and ability to work independently or collaboratively in a fast-paced environment
• Good communication (verbal and written), interpersonal, with the ability to interact with key stakeholders to convey the operational impact of cybersecurity issues in a confident, organized manner