Senior Cybersecurity Engineer; Trelix
Listed on 2026-07-04
-
IT/Tech
Cybersecurity, Information Security
Job Information
- Type of Requisition: Regular
- Clearance Level (current): Top Secret/SCI
- Clearance Level (obtainable): Top Secret/SCI
- Public Trust/Other
Required:
None - Job Family: Cyber and IT Risk Management
- US Citizenship
Required:
Yes
We areseekinga highly skilled and multi-faceted Cyber Engineer for a critical contract role supporting Google’s SIPRNet enclave. The ideal candidate is a proactive and seasoned professional with extensive, hands‑on experience navigating Trelix, Red Hat Linux, the NIST 800‑53 Risk Management Framework (RMF) control requirements, and Security Operations for a classified network in a unique commercial cloud setting. This role requires a blend of technical engineering prowess to provide Security Operations support as well as a deep understanding of continuous monitoring control requirements to prepare for security assessments and auditing.
You will be a key contributor to our SIPR Enclave team, supporting the SIPR Enclave Lead in RMF activities and the Senior Cyber Engineer in security operations support.
- Supports maintaining the Continuous Monitoring program, specifically around vulnerability management, endpoint security, auditing, and security alert triage/monitoring.
- Supports control implementation statement updates, documentation development for plans or procedures, artifact identification for assessments, and body of evidence generation.
- Supports POAM mitigation and/or remediation activities.
- Update and maintain security tool versions (Trelix, etc).
- Configure, patch, and update the Linux operating systems.
- Monitors the security applications such as Trelix.
- Scanning implementation (Tenable.sc, SCC Tool).
- SIEM implementation (Splunk).
- Endpoint security implementation (Trellix).
- Works with the vendors of the security applications as applicable to maintain security updates, licenses, resolve support issues (e.g., for Tenable plugins).
- Ensures all hosts can be seen in the endpoint security application with ongoing monitoring and applicable policies applied.
- Triages all alerts from the tool to ensure activity in the environment is authorized.
- Ensures deployment of tool and related modules are performing as intended.
- Monitors aggregate user data as directed.
- Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.
- Ensure security systems are up to date and implemented.
- Validate the telemetry from the hosts and security applications are forwarded to the SIEM.
- Configures alerts for privileged activity that would be conducted in the enclave as well as alerts from security advisories.
- Triages all alerts from the SIEM to ensure activity in the environment is authorized.
- Investigates, resolves, and reports security incidents in alignment with the Incident Response Plan.
- Ensures the inventory of hosts and recurring/ad‑hoc scan policies are accurate.
- Reviews the scans to confirm correct, actionable data is generated to support the patching activities.
- Reviews STIG results and supports the team in implementing corrective action as applicable.
- Education: BA/BS Degree or equivalent experience in lieu of degree.
- Experience: 8+ years of related experience.
- Skills: Cybersecurity, Endpoint Security, Linux, Splunk Enterprise Security.
- Certifications: Must be DoD 8140 / 8570.01‑M compliant (e.g., including but not limited to Security+).
- Knowledge: Complete NIST SP 800 series (especially 800‑37, 800‑53, 800‑30) and risk management principles.
- Security Operations: Ability to use security operations of Trelix.
- Tool Maintenance: Ability to update security applications such as Trelix.
- Patch Management: Experience patching and updating Linux (or RHEL or Red Hat).
- Hardening: Ability to harden the system using STIGs.
- Compliance: Ability to update the underlying security tools Linux operating system.
- Clearance: Must possess a current and active Top Secret (SCI) eligibility.
- Citizenship: US Citizenship Required.
- Hands‑on experience with security operations of Splunk.
- Hands‑on experience with Tenable.sc.
Onsite at the classified operations center in McLean, VA.
Work LocationUSA VA Mc Lean
SalaryThe likely salary range for this position is $142,792 - $175,950.
ScheduleScheduled weekly hours: 40.
Travel required:
10-25%. Telecommuting options:
Onsite.
Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).