Cybersecurity Engineer

Description

The Cybersecurity Engineer is a key member of the Enterprise Systems Team responsible for protecting systems, networks, and data supporting the organization. Ensure compliance with federal cybersecurity frameworks by integrating security into Enterprise Systems Operations, system design, and daily support activities.
The Cybersecurity Engineer position will be required to perform work on-site, in the office. GMRE will not provide moving allowances for this position. The right candidate must be local to Ogden, UT and able to work on-site in the office Monday - Friday. This position is NOT eligible for Visa Sponsorship. Candidates must be authorized to work in the U.S. without employer sponsorship.

• Design, develop, and implement security solutions for enterprise infrastructure to protect against threats and prevent unauthorized access, use, or disclosure of information.
• Design and review secure system architectures, and harden operating systems, applications, and networks to meet DoD baseline security requirements.
• Monitor security alerts and events, investigate incidents, perform root‑cause analysis, and support coordinated incident response and recovery activities.
• Deploy, configure, and manage cybersecurity tools and platforms — including SIEM solutions, intrusion detection/prevention systems, endpoint protection, and vulnerability management tools — while automating, monitoring, and reporting.
• Conduct vulnerability scans, penetration tests, and security assessments, and ensure that remediation activities are properly implemented and validated.
• Perform application security reviews, conduct code analysis, and support secure software development (Dev Sec Ops ) practices to identify and mitigate vulnerabilities in.
• Design and enforce network security architectures — including firewalls, VPNs, intrusion prevention systems, network segmentation, and zero‑trust models — to safeguard mission‑critical environments.
• Manage and monitor endpoint security, mobile device protection, and encryption solutions to secure systems processing of Controlled Unclassified Information (CUI).
• Ensure secure configuration of servers, workstations, applications, and network devices, and oversee patch management processes to reduce vulnerabilities and meet defined remediation timelines.
• Develop, maintain, and update cybersecurity compliance documentation — including System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), policies, and procedures — to ensure alignment with DFARS, NIST, CMMC, ISO 27001 requirements.
• Conduct and support internal and external security audits, perform control assessments, and participate in continuous monitoring activities to demonstrate compliance with NIST SP 800‑171, NIST SP 800‑53, DFARS, CMMC, and ISO 27001.
• Continuously research and evaluate emerging threats, vulnerabilities, technologies, and defensive techniques, and recommend proactive measures to strengthen the organization’s cybersecurity posture.

GMRE is a small veteran owned company who cares about our employees. We offer health, dental, and vision insurance, 401(k), vacation, Paid Time Off (PTO), or Paid Sick Leave (PSL) based on state laws, paid holidays, and life insurance to all permanent full‑time employees. GMRE’s mission is to provide high quality engineering and technical services to help our customers grow and succeed.

GMRE is an equal opportunity employer. GMRE is committed to making employment decisions based on valid requirements, without regard to age 40 and over, color, disability, gender identity, genetic information, military or veteran status, national origin, race, religion, sex, sexual orientation or any other applicable status protected by state or local laws.

This job description is not designed to cover or contain a comprehensive listing of activities, duties, or responsibilities that are required of the employee. Duties, responsibilities, and activities may change, or new ones may be assigned at any time with or without notice.

• Strong understanding of cybersecurity principles, best practices, Department…