Cybersecurity Engineer

Join to apply for the Cybersecurity Engineer role at Gauss Management Research & Engineering (GMRE Inc.) in Ogden, UT.

The Cybersecurity Engineer is a key member of the Enterprise Systems Team responsible for protecting systems, networks, and data supporting the organization. The role ensures compliance with federal cybersecurity frameworks by integrating security into Enterprise Systems operations, system design, and daily support activities. This position requires on‑site work in the office and is not eligible for visa sponsorship. Candidates must be authorized to work in the U.S. without employer sponsorship.

• Design, develop, and implement security solutions for enterprise infrastructure to protect against threats and prevent unauthorized access.
• Design and review secure system architectures and harden operating systems, applications, and networks to meet DoD baseline security requirements.
• Monitor security alerts and events, investigate incidents, perform root‑cause analysis, and support coordinated incident response and recovery activities.
• Deploy, configure, and manage cybersecurity tools and platforms — including SIEM, intrusion detection/prevention systems, endpoint protection, and vulnerability management tools — while automating, monitoring, and reporting.
• Conduct vulnerability scans, penetration tests, and security assessments, ensuring remediation activities are properly implemented and validated.
• Perform application security reviews, conduct code analysis, and support secure software development (Dev Sec Ops ) practices to identify and mitigate vulnerabilities in applications.
• Design and enforce network security architectures — including firewalls, VPNs, intrusion prevention systems, network segmentation, and zero‑trust models — to safeguard mission‑critical environments.
• Manage and monitor endpoint security, mobile device protection, and encryption solutions to secure processing of Controlled Unclassified Information (CUI).
• Ensure secure configuration of servers, workstations, applications, and network devices, and oversee patch management processes to reduce vulnerabilities and meet defined remediation timelines.
• Develop, maintain, and update cybersecurity compliance documentation — including SSPs, POA&Ms, policies, and procedures — to ensure alignment with DFARS, NIST, CMMC, and ISO 27001 requirements.
• Conduct and support internal and external security audits, perform control assessments, and participate in continuous monitoring activities to demonstrate compliance with NIST SP 800‑171, NIST SP 800‑53, DFARS, CMMC, and ISO 27001.
• Continuously research and evaluate emerging threats, vulnerabilities, technologies, and defensive techniques, and recommend proactive measures to strengthen the organization’s cybersecurity posture.

• Strong understanding of cybersecurity principles, best practices, DoD, and ISO 27001 security requirements.
• Experience with NIST special publications, ISO 27001, risk management, and similar compliance standards.
• Vulnerability management at an enterprise level.
• Tools management – SIEM, SOAR, penetration testing, endpoint management.
• Excellent written and verbal communication skills, with the ability to convey complex information to both technical and non‑technical audiences.
• Strong organizational skills and keen attention to detail.
• Ability to work effectively in cross‑functional teams and build collaborative, positive working relationships.
• Flexibility and adaptability to changing priorities, evolving threats, and dynamic mission requirements.

• Bachelor’s degree in Cybersecurity, Computer Science, or Information Technology.
• Minimum of three (3) years of relevant experience in cybersecurity and information security.
• Experience performing cybersecurity hardening in Microsoft Azure.
• Experience working with security tools and technologies such as SIEM platforms, IDS/IPS, and vulnerability scanners.
• Experience with NIST 800‑171 and ISO 27001.
• Strong understanding of security protocols, cryptography, and network security principles.
• Required certification:
  CompTIA Security+ (must be in active…