SECURITY ENGINEER II

Job Description About the RoleTriple Point Security is seeking a mid-level Security Engineer to support the implementation, operation, and continuous improvement of security capabilities across our federal, state, local, and commercial client engagements. Working within a team of cybersecurity professionals, the Security Engineer will contribute to a range of activities including security assessments, vulnerability management, security tool deployment, and compliance support. This role is well-suited for a technically capable engineer with hands-on IT security experience and strong communication and collaboration skills who is looking to grow their career within a specialized, fast-moving cybersecurity consulting firm and mentor junior team members.Required QualificationsBachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience)4–7 years of experience in cybersecurity engineering, IT security operations, or a related technical roleHands-on experience with security tools such as SIEMs, vulnerability scanners, EDR/XDR platforms, and network security monitoring solutionsExperience supporting or conducting risk and vulnerability assessments (RVAs) in federal, state, and local government IT environmentsSolid understanding of network security fundamentals, authentication protocols, and access control modelsHands-on experience with endpoint network configuration, application installation, virtualization, and troubleshootingStrong written and verbal communication skills, including the ability to document technical findings clearlyWorking knowledge of NIST SP 800-53, FISMA, and federal security compliance requirementsMust be a U.S. citizen eligible for a federal security clearancePreferred QualificationsExperience with cloud security operations in AWS, Azure, or GCP environmentsFamiliarity with Zero-Trust Architecture (ZTA) concepts and implementationExposure to DevSecOps practices and secure software development lifecyclesExperience working within or supporting government agenciesPrior experience in a consulting or managed security services environmentClearance & CertificationsClearanceActive Public Trust preferredMust be a U.S. citizen and eligible to obtain or maintain a federal security clearanceCertifications (Required or Preferred)CompTIA Security+ — Required (or equivalent DoD 8570/8140 baseline certification)CompTIA CySA+, CEH, or GIAC GSEC — PreferredCloud security certification (AWS Associate-level or Specialty, AZ-104, or GCP Professional-level) — PreferredCISSP or CAP — A plus for candidates at the upper end of the experience rangeResponsibilitiesSupport the deployment, configuration, and operation of security tools and platforms across client environmentsConduct and assist with vulnerability assessments, remediation verification, penetration testing support, and security control reviewsDocument technical findings, remediation recommendations, and security assessment results using clear, concise, and actionable written communicationContribute to continuous monitoring activities and support clients in maintaining their security postureMonitor security events, analyze alerts, and participate in incident response activitiesAssist in the development and maintenance of system security plans (SSPs), POA&Ms, and other compliance documentationCollaborate with system owners, architects, engineers, and program managers to implement security requirements across client systems in dynamic team environmentsSupport ATO (Authority to Operate) processes, including evidence collection and control validationCommunicate technical information effectively across different stakeholder groups using clear, concise, and actionable written and verbal communicationSkillsThe ideal candidate is technically hands-on and detail-oriented, with the flexibility to move between security operations, compliance support, and client-facing deliverable production. They bring a strong foundational understanding of security requirements and frameworks and are motivated to deepen their expertise across Triple Point's service areas — including ZTA, DevSecOps, and secure cloud and AI adoption — as they grow within the firm. They are a strong collaborator, effective communicator, and independent problem-solver eager to learn new technologies and grow their existing skills.About Triple Point SecurityTriple Point Security is a technical cybersecurity and cloud security firm that provides highly specialized services to organizations with complex, hybrid IT environments. We have experienced tremendous growth through our Zero-Trust Architecture (ZTA), DevSecOps, and secure AI adoption services and are looking to continue this momentum with our cloud service provider, technology, and teaming partners.Our professionals possess public sector experience in the Department of Health and Human Services (HHS), Department of Defense (DOD), and Department of Justice (DOJ). They also possess private sector experience in telecommunications, finance, managed service providers, and Internet infrastructure. We combine our technical knowledge with best practices from the public and private sectors and apply them to IT security solutions and services that support our clients in achieving their business and mission objectives.