Security Engineer

ECS is seeking a Security Engineer to work Remotely.

The Security Engineer will play a critical role in supporting the modernization of federal information technology systems while ensuring the highest standards of cybersecurity and compliance. This position requires an experienced professional who can navigate complex federal security requirements, implement robust security controls, and support the transformation of legacy systems to modern, cloud-enabled architectures. The Security Engineer will work closely with cross-functional teams including system architects, developers, operations staff, and federal stakeholders to embed security throughout the modernization lifecycle.

This role demands expertise in both traditional federal security frameworks and emerging technologies, with a focus on enabling secure digital transformation while maintaining compliance with federal regulations and standards. The successful candidate will contribute to reducing cybersecurity risks while accelerating the delivery of modernized IT capabilities to support critical government missions.

Responsibilities

Security Architecture & Design

• Design and implement security architectures for modernized federal IT systems, including cloud-native and hybrid environments

• Conduct security assessments and risk analyses for existing legacy systems and proposed modernization approaches

• Develop security controls and safeguards that meet federal compliance requirements (FISMA, FedRAMP, NIST frameworks)

Create and maintain security documentation including System Security Plans (SSPs), security control assessments, and Authority to Operate (ATO) packages

Compliance & Risk Management

• Ensure adherence to federal cybersecurity standards including NIST 800-53, FIPS 140-2, and agency-specific security requirements

• Support continuous monitoring and ongoing authorization processes for modernized systems

• Collaborate with federal Authorizing Officials and security teams throughout the ATO process

Identify, assess, and develop mitigation strategies for security risks associated with system modernization

Technical Implementation

• Implement security tools and technologies including SIEM, vulnerability management, identity and access management, and encryption solutions

• Configure and manage security controls for cloud platforms (AWS GovCloud, Azure Government, Google Cloud for Government)

• Develop and maintain security automation scripts and Infrastructure as Code (IaC) security configurations

• Integrate security testing and scanning tools into CI/CD pipelines and DevSecOps processes

Collaboration & Communication

• Work with development teams to implement secure coding practices and conduct security code reviews

• Provide security guidance and consultation to project teams throughout the modernization process

• Coordinate with federal agency security personnel, compliance officers, and technical teams

• Present security findings, recommendations, and status updates to both technical and executive stakeholders

General Description of Benefits

Requirements:

• U.S. Citizen
• Ability to obtain and maintain a DHS Public Trust suitability designation

• Bachelor's degree in Computer Science , Engineering, Information Systems, or related discipline (or equivalent experience)

• 5+ years in systems engineering for large-scale IT environments (federal experience preferred)

• Ability to obtain and maintain a DHS Public Trust suitability designation

Req Benefits:

">