Security Engineer (Hybrid)
Share
Job Location:
Austin, TX - USA
Monthly Salary:
Not Disclosed
Posted on:
3 hours ago
Vacancies:
1 Vacancy
Job Summary
Job Title: Systems Analyst 3 (Hybrid)
Location: Austin TX
Duration: 05 Months possible extension
Job Description:
The Security Engineer will project work by leading security governance compliance and risk management activities with a strong focus on System Security & Privacy Plans (SSP/SSPP). This role bridges technical security operations and regulatory compliance ensuring audit readiness effective vulnerability remediation and secure delivery of public-facing services across complex multi-platform environments.
Responsibilities:
- Lead end to end System Security & Privacy Plan (SSP/SSPP) development maintenance and updates for enterprise systems
- Drive remediation activities through POA&M management ensuring timely closure of compliance gaps
- Translate penetration testing and vulnerability findings into actionable remediation work items (EPICs/user stories)
- Coordinate with application infrastructure and security teams to validate remediation through re-testing and evidence
- Oversee risk-based vulnerability management including prioritization and SLA-driven remediation
- Provide governance oversight for endpoint protection web application security and cloud security controls
- Produce assessor ready documentation including configurations monitoring evidence approvals and incident traceability
- Support continuous audit readiness and reduce repeat findings through disciplined governance and documentation practices
Candidate Skills and Qualifications:
| Minimum Requirements: | ||
| Years | Required/Preferred | Experience |
| 12 | Required | Deep focus on: Governance Risk and Compliance (GRC) Enterprise Security and Security Architecture Vulnerability Management and Penetration Testing Cloud Security and hybrid environments |
| 10 | Required | Proven experience owning SSP development end to end |
| 10 | Required | Hands on experience with CMS MARS E v2.2 or comparable federal/state security frameworks |
| 10 | Required | Strong expertise in: Control implementation documentation Audit evidence collection and validation POA&M creation tracking and remediation management |
| 8 | Required | Ability to translate technical security issues into compliance aligned remediation actions |
| 8 | Required | Strong stakeholder management skills across security infrastructure and application teams |
| 8 | Required | Excellent written and verbal communication skills particularly for executive stakeholders |
| 8 | Required | Knowledge of NIST 800 53 NIST RMF and privacy controls |
| 8 | Required | Knowledge of Secure SDLC and DevSecOps practices |
| 5 | Preferred | Experience operating in multi-vendor multi-platform environments |
| 5 | Preferred | Demonstrated ability to reduce repeat audit findings and improve compliance maturity |
| 5 | Preferred | Experience mentoring or guiding teams on security governance best practices |
| 1 | Preferred | Experience supporting HHSC systems including SSP development and compliance |
Key Skills
- Splunk
- IDS
- Network security
- Computer Networking
- Identity & Access Management
- PKI
- PCI
- NIST Standards
- Security System Experience
- Information Security
- Encryption
- Siem
