Security Engineer, Associate

LCG


Job Location:

Rockville, MD - USA

Yearly Salary: $60,000 - 120,000
Posted on: 9 hours ago
Vacancies: 1 Vacancy

Job Summary

Location: Rockville, MD

Work Type: Hybrid Work (minimum 2 days onsite; may extend based on client meetings, delivery needs, and proposal support)

Job Title: Security Engineer Associate

Clearance: Public Trust

Job Summary: LCG is seeking multiple Security Engineer Associates to provide hands-on cybersecurity engineering support for the Client's enterprise security program, focusing on operating, maintaining, and troubleshooting mission-critical security platforms across on-premise and cloud environments. This role supports security tools operations and maintenance, vulnerability scanning and remediation validation, and continuous monitoring activities required under federal and HHS security mandates. The engineer will work closely with infrastructure teams, application teams, and tool vendors to ensure security technologies remain properly configured, patched, and integrated to support the Client's overall security posture.

This position supports contract task requirements associated with IT Operations and Maintenance, continuous monitoring, and compliance/vulnerability scanning while enabling effective operations for key platforms including SIEM, endpoint security, vulnerability scanning, IAM, PAM, and WAF technologies.

Key Responsibilities

Security Tools Operations & Maintenance (O&M)

  • Configure, operate, and maintain Client security tools to support daily security operations and compliance monitoring requirements.
  • Perform administration tasks such as:
    • Policy tuning, rule updates, and configuration baselines
    • Agent onboarding/offboarding (where applicable)
    • Log source integrations and data normalization for analytics tools
  • Provide technical expertise and internal knowledge transfer (as needed) to ensure tools are operationally sustainable.

Patch, Upgrade, and Lifecycle Management for Security Platforms

  • Execute upgrades and patch management activities for security tools as vendor releases become available.
  • Validate upgrade readiness and post-upgrade health by confirming:
    • Service availability and performance baselines
    • Data ingestion pipelines remain intact (e.g. SIEM logging continuity)
    • Rules/policies remain enforced after version changes
  • Maintain upgrade documentation and assist in planning to align tool maintenance windows with operational priorities.

Troubleshoot Security Tool Outages and Service Degradation

  • Troubleshoot technical issues preventing security tools from functioning properly, coordinating with infrastructure teams and vendors as needed.
  • Diagnose issues across common tool failure points such as:
    • Authentication/SSO integration failures
    • Certificate or TLS communication issues
    • Ingestion pipeline breaks (forwarders, collectors, APIs)
    • Endpoint agent connectivity / policy enforcement failures
    • WAF routing/inspection issues impacting application availability
  • Provide incident-quality documentation capturing outage cause, fix actions, and hardening recommendations.

Vulnerability Scanning Support & Coordination

  • Perform and coordinate internal and external scanning activities (monthly or as requested) using automated tools to assess the agency's security posture.
  • Support scanning execution across:
    • Network infrastructure and servers
    • Web applications and external-facing services
    • Cloud-hosted workloads and FedRAMP-aligned environments
  • Assist in tracking scan output, evidence, and remediation status using program-defined governance tooling and reporting mechanisms.

Remediation Validation & Evidence Support

  • Validate remediation actions by verifying patched systems, updated configurations, and resolved vulnerabilities through rescans and evidence review.
  • Assist with ensuring remediation efforts meet SAMHSA and HHS POA&M expectations by:
    • Confirming closure criteria are met (technical documentation)
    • Supporting artifact gathering for audit readiness and compliance reporting
  • Provide remediation guidance inputs to system owners and infrastructure teams as needed.

Continuous Monitoring Support (Operational Security Posture)

  • Support security control monitoring activities aligned to federal continuous monitoring expectations (NIST SP 800-137 approach).
  • Assist with ongoing monitoring functions such as:
    • Monitoring tool coverage and health status
    • Verifying visibility across endpoints, network segments, and cloud assets
    • Supporting assessments tied to significant system changes
  • Participate in periodic control assessment support activities and provide operational artifacts needed for continuous monitoring reporting.

Support Security Engineering Requests (Cross-Team Enablement)

  • Work with Client stakeholders (system owners, developers, network/infrastructure teams) to implement security requirements and operational controls into enterprise services.
  • Provide technical assistance to support integration of security tooling into evolving architecture needs, including cloud and hybrid environments.

Technical Documentation and Operational Inputs

  • Produce and maintain technical documentation supporting security engineering activities, including:
    • Tool configuration notes and administrative procedures
    • Troubleshooting guides and known error patterns
    • Upgrade/patch execution records and validation results
    • Vulnerability scanning evidence and remediation verification summaries
  • Provide documentation inputs that support audits and operational reporting activities.

Requirements

Education: Bachelor's degree in one of the following (Cybersecurity / Information Assurance / Information Technology / Information Systems / Computer Science / Engineering)

Certification: CompTIA Security+ is commonly preferred/expected (helpful for federal cyber support environments)

Experience:

  • Minimum: 5 years of experience in security architecture, security engineering, or system administration in enterprise environments.
  • Experience supporting federal environments with FISMA/NIST-aligned controls and operational reporting
  • Experience supporting hybrid environments (on-prem and cloud) with security tool integration and monitoring coverage
  • Strong hands-on experience operating security tools in enterprise environments.
  • Working knowledge of:
    • Vulnerability management lifecycle (scan, validate, remediate, rescan)
    • Patch and upgrade processes for security platforms
    • Troubleshooting and coordination practices across vendors, infrastructure, and security teams
  • Familiarity with continuous monitoring practices and the need for audit-defensible

Tools Set / Platforms

The Security Engineer Associate will support enterprise cybersecurity tooling including (but not limited to):

  • Splunk (SIEM / log analytics)
  • Tenable Nessus (vulnerability scanning)
  • Trend Micro Deep Security (workload security)
  • Carbon Black (endpoint detection/response)
  • Okta (identity and access management)
  • CyberArk (privileged access management)
  • McAfee MVISION (endpoint/cloud security)
  • AWS / Barracuda Web Application Firewall (WAF)

Compensation and Benefits

The projected compensation range for this position is $60,000 to $120,000 per year, benchmarked in the Washington, D.C. metropolitan area. Salary at LCG is determined by various factors including, but not limited to, role, location, education/training, skills, certifications, and experience.

LCG offers a competitive and comprehensive benefits package including medical, dental, and vision insurance; life and disability insurance; retirement plan contributions; paid leave; federal holidays; professional development opportunities; and lifestyle benefits.

Devoted to Fair and Inclusive Practices

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law.

If you are interested in applying for employment with LCG and need special assistance or an accommodation to apply for a posted position contact Human Resources at

Securing Your Data

Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advance payment during the application process. Legitimate communication will only come from or email addresses.






Required Experience:

IC


Key Skills

  • Splunk
  • IDS
  • Network security
  • Computer Networking
  • Identity & Access Management
  • PKI
  • PCI
  • NIST Standards
  • Security System Experience
  • Information Security
  • Encryption
  • SIEM