Security Engineer

Summary

Join Makpar, a leading innovator in federal government technology, as a Security Engineer. This exciting opportunity requires expertise in NIST 800-53 security controls and a strong technical background in risk and vulnerability management and compliance. You will play a key role in supporting security control implementation, vulnerability assessment, and ensuring compliance with federal cybersecurity frameworks. The ideal candidate will possess extensive experience in information technology and information security, relevant security certifications, and in-depth knowledge of federal security standards. Makpar offers a competitive salary, excellent benefits, and opportunities for professional growth in a dynamic and rewarding environment. Start your career today and be a part of something meaningful!

Requirements

• A minimum of 8+ years’ experience in Information Technology field with increasing responsibility
• At least 5+ years’ experience in Information Security solutions
• Possess relevant security certifications (e.g., CISSP, CCSP, CEH)
• In-depth knowledge of NIST 800-53, RMF, FedRAMP, FISMA, and related federal security standards
• Knowledge of system security vulnerabilities and remediation techniques
• Understanding of networking (subnetting, routing, VPC / VNet, security groups, load balancing, etc.)
• Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for 3 years and be Federal Tax compliant

Responsibilities

• Develop, assess, and document System Security Plans (SSPs), Plan of Action and Milestones (POA&Ms), and Risk-Based Decisions (RBDs)
• Work with developers and technical staff to provide guidance on how each security control family should be addressed
• Work with the team to collect, organize and submit evidence for Security Control Assessments (SCAs)
• Technical understanding of security technologies including encryption methods, Identity and Access Management (IAM) concepts and technologies like SAML, OIDC, SSO, and MFA
• Understanding of SIEM technologies like Splunk and other monitoring tools
• Knowledge of risk and vulnerability management to identify and remediate vulnerabilities
• Work across teams, and external customer groups to develop the security strategy, design security solutions, and advise implementation teams during deployment

Preferred Qualifications

• Experience with microservices based architecture, including designing security solutions for multi-tenant applications using tools for containerization and orchestration such as Docker and Kubernetes
• Hands-on experience supporting security for AWS cloud platform

Benefits

• Great benefits package
• Excellent training and career development opportunities
• Flexible work schedules
• Generous compensation package