Senior Security Engineer

Clearwaters.IT is seeking an experienced Senior Security Engineer to support the program with the Department of Commerce. This role involves identifying vulnerabilities, assessing risks, and ensuring the security and compliance of all technical assets across the department. The Senior Security Engineer will work closely with various stakeholders, both internal and external, to implement best practices for cybersecurity, IT risk management, and ensure the department's alignment with federal cybersecurity regulations and frameworks. 

This position is on-site in Washington D.C. Candidates with a Current Top Secret Security Clearance should apply. The position is contingent on the award.

Responsibilities: 

• Support the client in the development and oversight of cybersecurity governance across all applicable programs. 

• Provide cybersecurity engineering subject matter expertise to client staff. 

• Participate in technical review boards and program planning sessions, contributing to enterprise architecture decisions and security control implementation. 

• Develop and deliver technical guidance via PowerPoint presentations, formal documentation, and written communications on cybersecurity capabilities, vulnerabilities, risks, and mitigation strategies. 

• Engineer, configure, and sustain the Continuous Diagnostics and Mitigation (CDM) and Zero Trust Architecture (ZTA) toolsets, to include Tenable Nessus, HCL BigFix, SailPoint, Okta, Axonius, Cloudflare and other related technologies. 

• Lead and facilitate technical integration sessions with internal Bureaus to incorporate new and existing capabilities that enhance the Enterprise CDM and ZTA programs. 

• Author cybersecurity policy, standards, and guidance documents to support and align with CDM and ZTA implementation efforts. 

• Bachelor's degree in computer science, Information Security, Engineering, or a related field is required. 

• A minimum of 7 years of experience in cybersecurity, IT risk management or a related field is required. 

• Active or Current Top Secret Security Clearance.
• Must be a U.S. citizen.

• Relevant network engineer certification and/or industry standard certifications (e.g CompTIA Security+, CISSP, CISM, CISA or equivalent) are required 

• Proven experience with security frameworks and standards such as NIST SP 800-53, NIST SP 800-37, NIST Cybersecurity Framework (CSF), FISMA, etc. 

• Proven expertise in cybersecurity architecture, CDM and ZTA 

• Hands-on experience with technology-related administration (Installation, Configuration, Monitoring, Integration, Managing Access Controls, Automation, and Troubleshooting) of the Continuous Diagnostics and Mitigation (CDM) and Zero Trust Architecture (ZTA) tool stack, to include Tenable Nessus, HCL BigFix, SailPoint, Okta, Axonius, Cloudflare, etc. 

• Strong written and verbal communication skills, with the ability to deliver clear, concise reports and messages to all levels of management. 

• Excellent interpersonal abilities, with a strong capacity to work independently with minimal supervision or guidance. 

• Strong analytical abilities and problem-solving skills, with the ability to design effective solutions for complex challenges. 

• Awareness of secure software development practices and principles. 

• Ability to fulfill responsibilities in a timely manner and with precision. 

• Exceptional attention to detail, with the ability to work independently on important initiatives while ensuring optimal outcomes.  

Competitive salary and benefits package, including:

• Health, dental and vision insurance
• 401(k) with company match
• Paid time off (PTO) for vacation, sick leave, and personal days
• Professional development reimbursement
• Other benefits, including life insurance, disability insurance, and employee assistance programs