Security Engineer (4364)

SMX is seeking a Security Engineer to support a high-visibility cloud modernization and DevSecOps transformation program for a federal customer. In this role, you’ll contribute to securing mission-critical systems that underpin the Federal government’s personnel vetting enterprise. This is a unique opportunity to integrate into a team at the forefront of implementing Zero Trust, automation, and continuous authorization strategies in secure cloud environments, driving real impact in national security. This position is a hybrid role supporting a Herndon, VA based team.

Essential Duties:

• Support the implementation and continuous enhancement of secure cloud landing zones in AWS GovCloud IL5 environments.
• Assist in deploying and maintaining security tools across DevSecOps pipelines (e.g., SAST, DAST, SCA).
• Conduct system and software vulnerability assessments and document remediation strategies.
• Monitor system logs and security events to identify anomalies and ensure compliance.
• Assist in preparing RMF accreditation packages, including documentation in eMASS.
• Collaborate with development and infrastructure teams to embed security into CI/CD pipelines and automation tools.
• Support implementation of Zero Trust principles and cloud-native security features.
• Help enforce compliance with DoD cybersecurity policies, including STIGs and NIST 800-53.

Required Skills & Experience:

• Minimum 5 years of relevant cybersecurity or cloud security experience.
• Bachelor’s degree in Cybersecurity, Computer Science, or a related field.
• Active Secret clearance.
• Familiarity with AWS security tools and secure cloud architectures at IL5 or higher.
• Experience with security compliance tools and standards such as RMF, NIST, and STIGs.
• Working knowledge of DevSecOps practices, tools, and CI/CD environments.
• Must meet DoD 8140 requirements (e.g., Security+ or equivalent certification).

Desired Skills & Experience 

• Exposure to Zero Trust Architecture and related security overlays.
• Experience using GitLab, JFrog, SonarQube, or Jira in secure software delivery pipelines.
• Knowledge of scripting or Infrastructure as Code (IaC) practices (e.g., Terraform).
• Understanding of secure software development lifecycle and automation best practices.
• Familiarity with eMASS, ACAS, or other vulnerability scanning and compliance tools.
• Professional security certifications such as CISSP, GSEC, or GIAC are a plus.

Application Deadline:  6-27-2025

#CJPOST #LI-SA

 

The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications. At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement.

The proposed salary for this position is:$103,200—$172,000 USD

 

At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.

We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.

SMX is an Equal Opportunity employer including disabilities and veterans.

Selected applicant may be subject to a background investigation and/or education verification.