Cyber Security Engineer

SOSi
  • US
    Reston, Virginia, United States

About

SOSi is seeking an experienced Cybersecurity Engineer to join our team at SOS International in Reston, VA. This role strengthens SOSi's enterprise and customer-facing security posture across on-prem, Microsoft 365/Azure, and multi-cloud environments (AWS, GCP, OCI). You will engineer, implement, and continuously improve controls that protect CUI/FCI and other sensitive data, align with federal frameworks, and enable secure, reliable mission delivery.

Essential Job Duties

Classified Systems Leadership (ISSM)

  • Program Oversight: Lead SOSi Corporate Classified Information Systems and serve as the primary ISSM for all classified spaces.
  • Compliance Frameworks: Develop and conduct risk assessment procedures to verify RMF/A&A safeguards in accordance with NISPOM/DAAPM, RMF, JSIG, and NIST 800-series guidelines.
  • A&A Management: Direct all cybersecurity tasks including Authorization and Accreditation (A&A), risk management, vulnerability management, and privacy analysis.
  • Authorization to Operate (ATO): Author and maintain critical security documentation, including System Security Plans (SSP) and Security Controls, to obtain and sustain system ATOs.
  • Remediation: Collaborate with system owners to address Plan of Action and Milestones (POA&M) and conduct continuous evaluations of system security controls.

Security Engineering & Architecture

  • Zero-Trust Implementation: Design and implement security reference architectures for endpoints, networks, identity, and cloud workloads aligned with zero-trust principles.
  • Cloud Security: Engineer guardrails (policies, blueprints, landing zones), encryption, secrets management, and container security (Kubernetes) across Azure, AWS, GCP, or OCI using Infrastructure as Code (Bicep/Terraform).
  • Identity & Access Management (IAM): Enforce least-privilege, RBAC/ABAC, and MFA/conditional access across Microsoft Entra ID (Azure AD) and supporting directories.

Threat Detection & Incident Response

  • Operations: Build and tune detections (SIEM/EDR) and manage the end-to-end incident lifecycle: triage, evidence preservation, containment, eradication, and recovery.
  • Continuous Monitoring: Define audit events, ensure reliable log collection/integrity, and generate compliance reports for leadership and external auditors.
  • Active Defense: Coordinate with incident response teams to facilitate penetration testing, forensic analysis, and tabletop exercises.

Vulnerability & Data Protection

  • Vulnerability Management: Operate and mature the vulnerability management program (e.g., Qualys), tracking findings through remediation and Change Advisory Board (CAB) control.
  • Data Safeguarding: Enforce classification/labeling and FIPS-validated encryption for CUI/FCI data at rest and in transit, including secure handling of removable media and sanitization.
  • Secure Baselines: Implement and maintain secure configuration baselines based on CIS/STIG requirements.

Qualifications

Minimum Requirements

  • Bachelor's degree in Cyber Security, Information Technology, Computer Science, or a related field; OR equivalent experience.
  • Minimum seven years of experience in cyber security or a related field.
  • Strong understanding of network security, endpoint security, cloud security, and application security.
  • Experience with security technologies such as intrusion detection/prevention systems, SIEM, antivirus software, and encryption techniques.
  • Familiarity with regulatory requirements and standards such as CMMC, NIST, and ISO/IEC 27001.
  • Strong analytical and problem-solving skills.
  • Excellent communication and interpersonal abilities.
  • Ability to work independently and as part of a team.
  • Detail-oriented and committed to maintaining high standards of security.
  • Proven track record of successfully managing and mitigating cyber threats and incidents.
  • Experience in developing and implementing security strategies and policies.

Preferred Qualifications

  • Current active, in-scope DoD Secret clearance, with the ability to obtain a TS/SCI clearance.
  • One or more relevant certifications: Security+, CISSP, CASP+, CCSP, CISM, GIAC (e.g., GCIH/GCIA/GCED/GCLD), AZ-500, SC-200/300, or cloud-provider security certs.
  • Background with vulnerability management at scale (e.g., Qualys) and secure baseline management (CIS/STIG).
  • Familiarity with email security, DLP, MDM/MAM, ZTNA/secure web gateways, and container/Kubernetes security.
  • Master's degree is a plus.

Additional Information

Work Environment

  • Working conditions are normal for an office environment, both on-site and hybrid work environments.
  • Fast paced, deadline-oriented environment.
  • May require periods of non-traditional working hours including consecutive nights or weekends (if applicable).
  • Hybrid work in local areas is possible.

Working at SOSi

All interested individuals will receive consideration and will not be discriminated against for any reason.

Language skills

  • English

Note for users

This job posting comes from a TieTalent partner platform. Click "Apply now" to submit your application directly on their website.