Senior Cybersecurity Engineer
Pueo Business Solutions LLC
Overview We are seeking a highly skilled Cybersecurity Engineer (CSE) with extensive experience in air‑gapped and classified container platforms, CI/CD pipelines, security automation, and federal cybersecurity requirements. The ideal candidate will possess hands‑on expertise in Kubernetes, OpenShift, registry management, security test automation, and the implementation of cybersecurity controls in compliance with federal standards like NIST 800‑53, DISA STIGs, and RMF/ATO workflows. A) Air‑Gapped / Classified Container Platforms (Kubernetes/OpenShift/RKE2) Designing a Disconnected Cluster Design and manage a multi‑container OpenShift hosted platform in an air‑gapped enclave. Expertise in cross‑domain CI/CD, blue‑green testing, and platform deployment within disconnected environments. Familiar with image/helm/chart mirroring, FIPS 140 validated crypto, OS hardening (e.g., Alpine), and SELinux enforcing. Registry and Artifact Governance Maintain and govern a disconnected container registry, ensuring content sources, image signing, SBOMs, and vulnerability gating. Familiarity with tools such as Cosign, Syft, Grype, Trivy, OCI level attestations, and curated repository promotions. Admission Control & Policy Enforcement Enforce security baselines and policies without internet dependencies using tools like OPA Gatekeeper, Kyverno, and image provenance verification. Cluster Multi‑Tenancy in SCIFs Implement RBAC, namespace isolation, and mTLS for mixed‑sensitivity workloads within a SCIF (Sensitive Compartmented Information Facility). Patching and CVE Response Offline Manage critical Kubernetes CVEs in air‑gapped enclaves through risk triage, change windows, and mirrored updates. B) CI/CD & Security Test Automation (Disconnected) Pipeline Architecture for Classified Enclaves Design CI/CD pipelines to build, test, sign, scan, and promote containers across Dev ? Test ? Prod in closed networks. Familiarity with GitLab/Jenkins runners, artifact promotion, and “compliance as code” practices. Automated Security Testing Coverage Implement automated tests for SAST, DAST, IAST, SCA, and IaC scanning within CI/CD pipelines. Ensure pipeline failures persist if discrepancies are detected. Evidence Generation for RMF Generate RMF/ATO evidence via automated pipeline outputs, mapping artifacts to NIST controls. Knowledge of OSCAL output, control mappings, and integration with evidence stores like eMASS. Promotion Gates & Provenance Ensure artifacts meet quality and security criteria (e.g., reproducible builds, signed/provenanced artifacts, passing STIG checks) before promotion to higher environments. Testing for Platform + App Security Regressions Implement tests for platform upgrade regressions using tools like kube‑bench, kube‑hunter, and e2e integration suites. C) Federal Cybersecurity Requirements (RMF/ATO, STIGs, CNSS, FedRAMP) RMF Tailoring in Containerized Systems Tailor NIST 800‑53 controls for microservices platforms, identifying platform vs. app team responsibilities. Work with shared responsibility matrices and control inheritance catalogs. DISA STIG Application to Kubernetes Workloads Apply and track Kubernetes/Docker/OpenShift STIG findings and exceptions. Implement a “STIG as code” approach in CI/CD pipelines and perform continuous drift checks. Continuous Monitoring (CONMON) Implement telemetry collection for CONMON using on‑prem tools (e.g., Prometheus, Grafana, auditd, Falco). Design and manage control dashboards and evidence snapshots. ATO Acceleration through Automation Reduce ATO lead times using automated assessments, OSCAL generation, and integration with tools like eMASS. Policy Conflicts & Adjudication Reconcile conflicts between NIST, CNSS, and program‑specific directives, leveraging risk‑based decision memos and compensating controls. D) Networking, Identity & Zero Trust in On‑Prem/Classified Enclaves Zero Trust in Kubernetes Implement Zero Trust principles within Kubernetes beyond mTLS and RBAC, using tools like SPIFFE, SPIRE, and service mesh authZ. Offline PKI Operations Manage certificate lifecycles in air‑gapped environments, utilizing offline roots, short‑lived certs, and mesh cert synchronization strategies. East‑West Segmentation Strategy Design and implement micro‑segmentation and egress controls for multi‑tenancy within classified environments. Identity Propagation Across Layers Ensure identity propagation from build systems through runtime enforcement, using tools like Sigstore attestations and audit chain linking. Cross‑Domain and Data Movement Patterns Securely move artifacts across domains with tamper‑evident transfer logs, hash‑based validation, and offline review stations. E) Operations, SRE & Incident Response in SCIFs Observability without SaaS Build observability solutions for logs, metrics, traces, and capacity planning using on‑prem tools like EFK, Prometheus, and Tempo. Break Glass & Change Control Design a break‑glass process with time‑bound privilege elevation, session recording, and immutable logs. Forensics & Container Runtime Collect forensic evidence from compromised container nodes while preserving data integrity through disk snapshots and isolated triage nodes. Resiliency & DR in Disconnected Sites Develop strategies for service continuity across multiple isolated sites, including staged upgrades and backup/restore drills. Application Team & SOC Integration Integrate containerized environments with enterprise SOC teams during incident detection, containment, and recovery. Define roles, telemetry requirements, and communication channels for effective response.
REQUIRED QUALIFICATIONS:
12 years of experience and a Masters degree. Degree can be substituted for 6 additional years of applicable experience IAT/IAM Level 3 Certification in compliance with DoD 8570/8140 guidelines Extensive experience working with Kubernetes, OpenShift, RKE2, and container registry management in air‑gapped and classified environments. Deep understanding of CI/CD pipeline architectures, especially in disconnected networks. Expertise in federal cybersecurity frameworks, such as NIST 800‑53, DISA STIGs, RMF, and ATO processes. Familiarity with security testing tools (SAST, DAST, IAST, IaC) and automated compliance validation. Proven track record of enforcing Zero Trust principles, PKI management, and network segmentation in a classified environment. Strong ability to map pipeline artifacts to RMF/ATO controls and support security operations during incidents. Extensive experience in cybersecurity design and architecture.CLEARANCE:
Top Secret minimum Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities. #J-18808-Ljbffr Pueo Business Solutions LLC$148.8k - $306.5k
Accenture Federal Services is looking for a Cybersecurity Engineer in Arlington, Virginia. You will be responsible for designing and managing cybersecurity solutions that meet federal requirements, including implementing security controls and conducting risk assessments...Senior$148.8k - $306.5k
Accenture seeks an experienced Cybersecurity Engineer in Arlington, Virginia. The role involves designing and managing cybersecurity solutions, ensuring compliance with federal requirements, and conducting risk assessments. Candidates must have a Bachelor's degree and...Senior- Hiring Our Heroes in Arlington, VA seeks an experienced Cybersecurity Engineer to support federal clients in modernizing cybersecurity processes. This senior role involves conducting security assessments for AI-enabled technologies, SaaS, and cloud services. The ideal candidate...SeniorRemote job
- A defense contracting company is seeking a Senior Cybersecurity Engineer in Arlington, VA. This on-site role involves supporting cybersecurity operations, managing firewalls, and incident responses. Qualified candidates should have a Bachelor's degree in computer science...Senior
$204k - $284k
...technology firm in Arlington, VA is seeking a Principal Software Reverse Engineer. The role involves reverse engineering software and firmware, leading technical teams, and developing innovative cybersecurity solutions. Candidates require a Bachelor's degree in Computer...Senior- A cybersecurity solutions provider is seeking a highly skilled Cybersecurity Engineer with extensive experience in Kubernetes, OpenShift, and federal cybersecurity requirements. This role involves managing container platforms, designing CI/CD pipelines, and implementing...Senior
$150k - $250k
Blue Sky Innovators is seeking a cybersecurity professional with a Bachelor's degree in a relevant field and at least three years of notable experience in cybersecurity policy and compliance. The salary range for this position is $150,000 - $250,000 per year, considering...Senior- A prominent cybersecurity firm is seeking a Senior Cybersecurity Engineer to support government operations in Arlington, VA. The role involves managing cybersecurity applications, firewalls, and providing incident response. Candidates need a BS in computer science or related...Senior
- A cybersecurity solutions firm in Virginia is seeking a Senior Trellix Cybersecurity Engineer with extensive experience in cybersecurity engineering to support AI/ML development projects. The role includes architecting and managing Trellix security environments and ensuring...SeniorFull time
- The MITRE Corporation in McLean, Virginia is seeking a Cyber Security Engineer to deliver solutions to complex challenges impacting U.S. Government's mission. In this hybrid role, you will provide hands-on engineering analysis across multiple areas including firewalls,...Senior
- Carnegie Mellon University in Arlington, VA is seeking a Senior Cybersecurity Engineer to support national security and resilience. The role focuses on cybersecurity, advising teams, and leading engagements in a dynamic environment. Applicants should possess a relevant...Senior
- MartinFed is seeking a Security Operations Center (SOC) Engineer III to provide advanced cybersecurity monitoring and incident response support. You will lead efforts to strengthen security through effective use of SIEM technologies like Splunk. The ideal candidate will...Senior
- Alaka`ina Foundation Family of Companies in Arlington, Virginia is searching for a Senior Cybersecurity Engineer to enhance operations for our government client. This on-site role requires a minimum of five years of cybersecurity experience with a focus on Splunk enterprise...Senior
- Battelle UK Limited is seeking a Cybersecurity Test Engineer in Arlington, Virginia, to support the Department of Homeland Security. This full-time, on-site role involves critical tasks including test planning, data analysis, and technical reporting in cybersecurity. The...SeniorFull timeFlexible hours
$148.8k - $306.5k
Cybersecurity Engineer The Cybersecurity Engineer will design, implement, and manage cybersecurity solutions to ensure compliance with federal requirements, integrating security into the DevSecOps lifecycle. They will develop secure architectures, implement NIST and DoD...SeniorLive inLocal area- The Alaka`ina Foundation Family of Companies (FOCs) is looking for a Senior Cybersecurity Engineer to support our government customer located in Arlington, VA . This position is 100% on site. Description of Responsibilities Responsible for supporting the operations of cybersecurity...SeniorFull time
$114k - $273k
...year Department and Location Department: Engineering Location: Arlington, VA Description... ...defense technology company, is seeking a Senior Systems Engineer to be part of our Warfare... ...Learning (ML) based data analytics, cybersecurity, as well as backfit and forward‑fit tactical...SeniorFull timeWork at officeImmediate startRemote work$148.8k - $306.5k
Job Description The Cybersecurity Engineer will design, implement, and manage cybersecurity solutions to ensure compliance with federal requirements, integrating security into the DevSecOps lifecycle. They will develop secure architectures, implement NIST and DoD security...SeniorLive inLocal area$160k - $190k
Senior Trellix Cybersecurity Engineer / RMF ISSO - TS/SCI Clearance: Active TS/SCI Clearance Required Citizenship: U.S. Citizen Required Experience: 11-13 years of relevant experience Education: Bachelor's Degree in Computer Science or related field Position Type: Full-...SeniorPermanent employmentFull timeContract workWork at officeImmediate startRemote work- A cybersecurity firm is seeking a Cyber Operations Engineer to develop and deploy innovative cybersecurity solutions. The role requires a bachelor's degree and 7+ years of expertise in cybersecurity engineering, particularly in reverse engineering and vulnerability research...Senior
- Insight Global is seeking an Electrical Systems Engineer IV to lead a Chip-Off Forensics Lab for a federal cybersecurity program. You will design, establish, and operate lab workflows for chip extraction, PCB analysis, and memory data recovery, driving forensic methodologies...Senior
- Innovative Defense Technologies seeks a Senior Software Engineer in Arlington, VA to join the Advanced Capabilities team. You will design,... ...software, and cross-functional collaboration with management, cybersecurity, hardware, and test groups. #J-18808-Ljbffr Innovative...Senior
- ...Resilience Directorate, you will be part of a team of cyber security engineers applying the latest tools, techniques, and methods to cyber security and operational resilience challenges. The Senior Cybersecurity Engineer will work directly with leaders in government,...SeniorFull timePart timeImmediate start
- EY is seeking a WAF Operations Solution Engineer to implement and manage WAF solutions to protect client applications from cyber threats. You will work within a cybersecurity team to establish security measures for web applications and data. The ideal candidate should...Senior
- Inova Health in Falls Church, Virginia is seeking a dedicated Biomedical Engineer Sr. This full-time role involves conducting diagnostic repairs and managing maintenance tasks for complex medical equipment while delivering excellent customer service. Minimum requirements...SeniorFull time
- Chenega Corporation is looking for a Senior Systems Administrator in Arlington, VA. This role focuses on managing complex Windows and... ...spanning system performance, virtualization, and cybersecurity compliance. The ideal candidate will possess a Bachelor's degree...Senior
$90k - $130k
...experience in quality assurance and test automation. Key responsibilities include writing test plans, managing test data, and ensuring cybersecurity compliance. Preferred candidates will have relevant certifications and experience in Agile environments. Salary ranges from $90,...Senior- SES Satellites seeks a Senior Engineer, Cloud and System Security to translate advanced security requirements into comprehensive technical... ...application domains. You will autonomously drive complex cybersecurity implementations, design secure architectures, and guide security...Senior
- Two Six Technologies in Arlington, VA is seeking a Senior DevOps Engineer to join our cybersecurity team. This role will involve troubleshooting OS level issues, applying scripting expertise, and collaborating closely with cross-functional teams. The ideal candidate will...Senior
$127k - $181k
Job Summary Battelle's Critical Infrastructure Business Line group is seeking a Cybersecurity Test Engineer to support the research, development, test, and evaluation of security systems and technologies for the Department of Homeland Security. This is a full‑time, on‑site...SeniorFull timeWork experience placementWork at officeLocal areaRemote workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Cybersecurity Engineer. Be the first to apply!
- senior app developer Mc Lean, VA
- senior international account manager Mc Lean, VA
- senior magento developer Mc Lean, VA
- senior quantitative risk analyst Mc Lean, VA
- sr marketing manager Mc Lean, VA
- sr technical product manager Mc Lean, VA
- senior information technology consultant Mc Lean, VA
- senior manager pmo Mc Lean, VA
- senior accountant part time Mc Lean, VA
- senior front-end developer Mc Lean, VA

