Security Engineer II
What You’ll Do

- Execute monthly FedRAMP Continuous Monitoring activities, ensuring timely and accurate completion of deliverables
- Maintain and update Plans of Action and Milestones (POA&Ms), including tracking remediation progress and validating closure
- Review and analyze vulnerability scan results (e.g., Nessus) and assist with prioritization and escalation
- Maintain an accurate, up-to-date view of vulnerability status across the environment
- Track vulnerabilities through the full lifecycle: identification, validation, remediation, and closure
- Monitor and report on aging vulnerabilities and SLA adherence
- Ensure consistency between scan results, ticketing systems (e.g., ServiceNow), and POA&M records

Operational Visibility & Monitoring

- Maintain continuous operational visibility into the security posture of FedRAMP systems, including vulnerabilities, assets, and control status
- Validate that security-relevant data (scan results, logs, asset inventory, and tracking systems) is complete, accurate, and aligned across sources
- Identify gaps in visibility (e.g., missing assets, incomplete scan coverage, inconsistent data) and escalate appropriately
- Support continuous monitoring activities aligned with FedRAMP and NIST 800-137 (ISCM) expectations
- Assist in ensuring that logging, monitoring, and security tooling provide sufficient coverage to support ongoing risk awareness and audit readiness

Additional Responsibilities

- Prepare and maintain audit-ready documentation and ConMon artifacts, including monthly summaries
- Partner with engineering, cloud, and security teams to support timely remediation efforts
- Assist with annual assessments and audit preparation, including coordination with internal and external auditors
- Identify recurring issues or trends and escalate to the senior lead for resolution

What We’re Looking For

- 2–4 years of experience in cybersecurity, vulnerability management, or compliance operations
- Exposure to FedRAMP, NIST 800-53, or similar security frameworks
- Hands-on experience working with vulnerability scanning tools (e.g., Nessus, Qualys)
- Experience tracking vulnerabilities or security findings in a ticketing or tracking system (e.g., ServiceNow, Jira)
- Strong organizational skills with the ability to manage and track large volumes of findings accurately
- High attention to detail and commitment to maintaining data accuracy and consistency
- Ability to identify and investigate discrepancies across multiple data sources
- Understanding of the importance of continuous monitoring, system visibility, and audit readiness in regulated environments
- Strong written and verbal communication skills, with the ability to clearly convey status and risk
- Ability to work independently while collaborating closely with a senior lead and cross-functional teams
- BS Engineering/Computer Science or equivalent experience required

Nice to Have

- Experience with FedRAMP Continuous Monitoring processes or reporting
- Familiarity with POA&M management and audit support activities
- Exposure to logging, monitoring, or SIEM platforms
- Experience improving workflows through automation or scripting (e.g., PowerShell, Python, Power Automate)

What Success Looks Like

Success in this role means maintaining a clear, accurate, and continuously updated view of system security posture, ensuring that:

- Vulnerability status is consistently tracked and reported
- Security data is aligned across tools and reporting artifacts
- ConMon deliverables are completed on time
- The environment remains audit-ready with strong operational visibility and minimal surprises

This role requires comfort working in a structured, compliance-driven environment with recurring monthly deliverables and a strong focus on consistency and detail.

Additional Requirements

- U.S. Citizenship required
- Must meet IAL2 (Identity Assurance Level 2) requirements
- This is a hybrid position

U.S. National Base Pay Range: $65,100 - $108,500. Geographic differentials may apply in some locations to better reflect local market rates.
This job is eligible for an annual incentive bonus.

We know your well-being and happiness are key to a long and successful career. We are delighted to offer country specific benefits.