Cybersecurity Engineer

Job Title: Cybersecurity Engineer
Job Location: Arlington, VA 
Job Type: Perm 100% Onsite 

Cybersecurity Engineer 

The Cyber Security Engineer is responsible for delivering security architecture expertise and best practices oversight across complex multi-cloud, multi-partner environments. This role involves deep-level architecture reviews, developing secure design patterns, and supporting the administration and management of IT/OT security infrastructure. The position ensures the protection of data and assets in alignment with established information security policies and industry best practices.

Key Responsibilities

• Lead the implementation of an enterprise-level cybersecurity program.
• Develop reference architectures to address security trends and common requirements through repeatable best practices.
• Conduct threat modeling and collaborate with technical teams to integrate security requirements into solutions.
• Perform security architecture reviews for platforms and applications in multi-tenant, multi-provider, and cloud environments.
• Research and implement security automation and security-as-code methodologies to enhance security assessments and service delivery.
• Partner with IT teams to track strategic platform initiatives, proactively managing architecture reviews and addressing critical security risks.
• Ensure assessments are documented, performed consistently, and deliver high-quality, timely results.
• Maintain technical proficiency and certifications relevant to security solutions and architectures.
• Design and implement security solutions for cloud-based systems, including IAM, network security, data protection, DevSecOps, and compliance.
• Apply and implement security frameworks such as NIST 800-53, FISMA, and FedRAMP Moderate/High.
• Utilize cloud security best practices, including encryption, authentication, authorization, and audit capabilities.

Qualifications & Skills

• Bachelor’s degree or equivalent experience in business, computer science, or management information systems.
• 10 years of experience in technology-driven security solutions within energy facilities or related industries.
• Industry-recognized security certifications preferred (e.g., CISSP, CCSK, CISA, CISM, CEH).
• 5 years of experience in IT security risk assessments and industry frameworks (NIST 800 series, ISO 27000, IT General Controls).
• Strong knowledge of Identity and Access Management (IAM), cryptography, key management, access controls, and security protocols (e.g., Multi-factor, SAML, OAuth, OIDC).
• Expertise in Azure/AWS Infrastructure services and cloud security best practices.
• Strong analytical, system design, and communication skills.
• Self-motivated, proactive problem solver with the ability to prioritize tasks in a fast-paced, high-pressure environment.