Cyber Security Engineer IV

SOSi

Reston, VA
Full Time
Paid
    Job Description

    SOSi is seeking an experienced Cybersecurity Engineer to join our team at SOS International in Reston, VA. This role strengthens SOSi’s enterprise and customer-facing security posture across on-prem, Microsoft 365/Azure, and multi-cloud environments (AWS, GCP, OCI). You will engineer, implement, and continuously improve controls that protect CUI/FCI and other sensitive data, align with federal frameworks, and enable secure, reliable mission delivery.

    **Essential Job Duties**

    Classified Systems Leadership (ISSM)

    • Program Oversight: Lead SOSi Corporate Classified Information Systems and serve as the primary ISSM for all classified spaces.
    • Compliance Frameworks: Develop and conduct risk assessment procedures to verify RMF/A&A safeguards in accordance with NISPOM/DAAPM, RMF, JSIG, and NIST 800-series (800-53, 800-171) guidelines.
    • A&A Management: Direct all cybersecurity tasks including Authorization and Accreditation (A&A), risk management, vulnerability management, and privacy analysis.
    • Authorization to Operate (ATO): Author and maintain critical security documentation, including System Security Plans (SSP) and Security Controls, to obtain and sustain system ATOs.
    • Remediation: Collaborate with system owners to address Plan of Action and Milestones (POA&M) and conduct continuous evaluations of system security controls.

    Security Engineering & Architecture

    • Zero-Trust Implementation: Design and implement security reference architectures for endpoints, networks, identity, and cloud workloads aligned with zero-trust principles.
    • Cloud Security: Engineer guardrails (policies, blueprints, landing zones), encryption, secrets management, and container security (Kubernetes) across Azure, AWS, GCP, or OCI using Infrastructure as Code (Bicep/Terraform).
    • Identity & Access Management (IAM): Enforce least-privilege, RBAC/ABAC, and MFA/conditional access across Microsoft Entra ID (Azure AD) and supporting directories.

    Threat Detection & Incident Response

    • Operations: Build and tune detections (SIEM/EDR) and manage the end-to-end incident lifecycle: triage, evidence preservation, containment, eradication, and recovery.
    • Continuous Monitoring: Define audit events, ensure reliable log collection/integrity, and generate compliance reports for leadership and external auditors.
    • Active Defense: Coordinate with incident response teams to facilitate penetration testing, forensic analysis, and tabletop exercises.

    Vulnerability & Data Protection

    • Vulnerability Management: Operate and mature the vulnerability management program (e.g., Qualys), tracking findings through remediation and Change Advisory Board (CAB) control.
    • Data Safeguarding: Enforce classification/labeling and FIPS-validated encryption for CUI/FCI data at rest and in transit, including secure handling of removable media and sanitization.
    • Secure Baselines: Implement and maintain secure configuration baselines based on CIS/STIG requirements.
    Qualifications

    **Minimum Requirements**

    • Current active, in-scope DoD Secret clearance, with the ability to obtain a TS/SCI clearance.
    • Bachelor’s degree in Cyber Security, Information Technology, Computer Science, or a related field; OR equivalent experience.
    • Minimum seven years of experience in cyber security or a related field.
    • Strong understanding of network security, endpoint security, cloud security, and application security.
    • Experience with security technologies such as intrusion detection/prevention systems, SIEM, antivirus software, and encryption techniques.
    • Familiarity with regulatory requirements and standards such as CMMC, NIST, and ISO/IEC 27001.
    • Strong analytical and problem-solving skills.
    • Excellent communication and interpersonal abilities.
    • Ability to work independently and as part of a team.
    • Detail-oriented and committed to maintaining high standards of security.
    • Proven track record of successfully managing and mitigating cyber threats and incidents.
    • Experience in developing and implementing security strategies and policies.

    **Preferred Qualifications**

    • One or more relevant certifications: Security+, CISSP, CASP+, CCSP, CISM, GIAC (e.g., GCIH/GCIA/GCED/GCLD), AZ-500, SC-200/300, or cloud-provider security certs.
    • Background with vulnerability management at scale (e.g., Qualys) and secure baseline management (CIS/STIG).
    • Familiarity with email security, DLP, MDM/MAM, ZTNA/secure web gateways, and container/Kubernetes security.
    • Master’s degree is a plus.

    Additional Information

    **Work Environment**

    • Working conditions are normal for an office environment, in both on-site and hybrid settings.
    • Fast paced, deadline-oriented environment.
    • May require periods of non-traditional working hours including consecutive nights or weekends (if applicable).
    • Hybrid work in local areas is possible.

    Working at SOSi

    All interested individuals will receive consideration and will not be discriminated against for any reason.