Senior Security Engineer

ECS is seeking a Senior Security Engineer to work in our Arlington, VA office.  Please Note: This position is contingent upon contract award.

ECS is looking for a Senior Security Engineer for a dynamic and growing team as a technical security and engineering lead for a DHS component. The ideal candidate will have a strong background and understanding of cybersecurity frameworks, methodologies, and operational experience in production environments such as SIEMs, SOARs, EDRs, cloud infrastructure, firewall, and networking technologies to leverage their experience across multiple domains such as Red/Blue Teams, development, engineering, and collaboration with other security and systems engineers.

Essential Responsibilities:

• Review, validate, and respond to requested ISVMs (Information Security Vulnerability Management) and/or data calls from Security Officers/System Owners
• Work with system and product owners to develop POAM’s and address ISVM.
• Producing actionable; risk-based reports on security assessment results
• Serve as a Cybersecurity SME, liaising between system engineers, architects, and other teammates in the identification and implementation of appropriate information security controls. Advocating for optimal security outcomes, whilst communicating the technical, compliance, and business impacts to leadership for review, approval, and/or risk acceptance.
• Experience with SIEMs(Splunk, Sentinel), SOARs(Swimlane, Sentinel, SNOW), EDRs(Defender, CrowdStrike) , and Microsoft solutions (i.e.… O365, Azure, Defender, Entra)
• Experience with incident handling/response, digital forensics, vulnerability management, identity access management, security engineering, data loss prevention, and threat detection.
• Contribute to the security planning, assessment, risk analysis, risk management, certification, and awareness activities for system and networking operations
• Analyzes complex security issues and develops effective solutions
• Communicates and presents security concepts and recommendations effectively
• Possesses and applies comprehensive knowledge across key tasks and high-impact assignments
• Assisting with vulnerability remediation when necessary

• Must be a US Citizen with ability to maintain DHS EOD
• BA + 10 years of experience, AA + 12 years of experience, or 16 years of experience
• Must have active Security+ CE
• Demonstrated experience in cybersecurity operations such as but not limited to; incident handling/response, digital forensics, vulnerability management, identity access management, security engineering, data loss prevention, and threat detection.
• Must have some experience in cybersecurity assessments to include one or more of the following: Vulnerability assessments, threat assessment, application security or infrastructure security.
• Experience with one or more of the following: Cyber/NIST policy, RMF, mitigation development or implementation required.
• Strong analytical and problem-solving skills, particularly in optimizing security workflows.
• Professional, customer-oriented, and even-keeled under pressure.
• Effective communicator at all levels, both written and verbal.