This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Cyber Security Engineer based in the United States.
In this role, you will help secure and modernize large-scale federal healthcare systems that directly support Veterans’ services nationwide. You will operate at the intersection of cloud security, compliance, and engineering, ensuring that AWS-based environments are designed and maintained with strong security controls from the ground up. The role spans hands-on security engineering, risk management framework (RMF) support, and Authority to Operate (ATO) processes in highly regulated environments. You will collaborate closely with DevSecOps, infrastructure, and application teams to embed security into every layer of the modernization lifecycle. This is a mission-driven position where your work directly strengthens the resilience, compliance, and safety of critical healthcare systems. The environment is highly collaborative, compliance-focused, and deeply technical, with strong emphasis on federal standards and Zero Trust principles.
Accountabilities:
In this role, you will be responsible for securing cloud and hybrid environments, supporting federal compliance efforts, and embedding security across engineering and modernization initiatives. You will act as a key contributor in ensuring systems meet strict regulatory, operational, and security standards.
- Support cybersecurity engineering activities across AWS-based and hybrid federal healthcare environments.
- Implement and maintain cloud security controls including IAM, encryption, logging, monitoring, and network security.
- Configure and operate AWS security services such as GuardDuty, Security Hub, CloudTrail, CloudWatch, Inspector, and Network Firewall.
- Support RMF, ATO, and continuous monitoring activities, including evidence collection and compliance documentation.
- Develop and maintain SSPs, POA&Ms, SOPs, risk assessments, control narratives, and security artifacts.
- Work within GRC platforms such as eMASS or ServiceNow GRC to support authorization and risk management workflows.
- Conduct vulnerability assessments, DISA STIG compliance, configuration hardening, and remediation tracking.
- Integrate security requirements into CI/CD pipelines, architecture design, and DevSecOps processes.
- Collaborate with cross-functional teams to ensure secure system design, deployment readiness, and audit preparedness.
Requirements
The ideal candidate brings strong hands-on cybersecurity engineering experience in regulated, cloud-based environments, along with a deep understanding of federal security frameworks and AWS security tooling. You are detail-oriented, compliance-aware, and comfortable operating in mission-critical systems.
- 5+ years of cybersecurity engineering experience in federal, healthcare, or other regulated environments.
- Strong experience securing AWS environments, including IAM, encryption, logging, monitoring, and network security.
- Hands-on expertise with AWS security services such as Security Hub, GuardDuty, CloudTrail, CloudWatch, Inspector, and Network Firewall.
- Experience supporting RMF, ATO processes, continuous monitoring, and federal compliance requirements.
- Familiarity with eMASS, ServiceNow GRC, or similar risk and authorization systems.
- Experience developing SSPs, POA&Ms, SOPs, risk assessments, and security documentation packages.
- Strong knowledge of NIST RMF, NIST 800-53, FISMA, FedRAMP, Zero Trust, and DISA STIGs.
- Understanding of secure SDLC, DevSecOps practices, CI/CD security, and system hardening.
- Strong analytical, documentation, and communication skills with the ability to work across technical and non-technical teams.
Benefits
- Competitive compensation aligned with experience and location
- Comprehensive health, dental, vision, and life insurance coverage
- 401(k) retirement savings plan
- Flexible and supportive work environment (remote within the U.S.)
- Opportunity to work on mission-critical federal healthcare modernization programs
- Exposure to advanced cloud security and Zero Trust initiatives
- Professional growth in highly regulated, high-impact environments
- Commitment to inclusion, equity, and employee well-being.