Compliance and Continuous Monitoring Engineer - Vulnerability Management (Top Secret Clearance)
ShorePoint
Job Description
Job Description
Salary:
Who we are:
ShorePoint is a fast-growing, industry recognized and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a work hard, play hard mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion and a focus on giving back to our community.
The Perks:
As recognized members of the Cyber Elite, we work together in partnership to defend our nations critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individuals technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 144 hours of PTO, 11 holidays, 85% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement and more.
Who were looking for:
We are seeking Compliance and Continuous Monitoring Engineer - Vulnerability Management (Top Secret Clearance)with expertise in security assessments, vulnerability management and continuous monitoring. The ideal candidate will support assessment and authorization activities, conduct technical security evaluations and ensure enterprise systems remain compliant with federal cybersecurity standards. The Compliance and Continuous Monitoring Engineer (Vulnerability Management) role will provide hands-on scanning, reporting and compliance support to strengthen the enterprise cybersecurity posture. This is a unique opportunity to shape the growth, development and culture of an exciting and fast-growing company in the cybersecurity market.
What youll be doing:
- Work closely with organizations to ensure full comprehension of security controls; conduct site visits as required.
- Assist with compliance assessments using tailored control matrices; provide expert assessment support.
- Conduct annual reviews of security controls to ensure continued compliance.
- Establish footholds on endpoints to provide day-to-day visibility into enterprise security posture.
- Develop and maintain processes and best practices for evaluating assessment and authorization data.
- Use industry-standard automation tools to review system configurations and security control compliance.
- Conduct NIST control assessments in support of system authorization and continuous monitoring.
- Develop and maintain Security Assessment Reports (SARs) and Risk Assessment Reports (RARs).
- Employ a scan-patch-scan methodology to ensure proper remediation of vulnerabilities.
- Conduct vulnerability scanning on a weekly to bi-weekly basis using industry-standard tools.
- Report scan data to system administrators to support timely remediation.
- Perform false positive and vulnerability analysis to validate findings and prioritize remediation.
- Configure applications to ingest, process and report vulnerability data from assessments and self-assessments.
- Conduct long-term trend analysis to identify changes in enterprise security posture.
- Provide dashboard views and executive-level reports to communicate risk, vulnerability and compliance posture.
- Configure authenticated and unauthenticated scans of web servers (e.g., Apache, IIS) to identify vulnerabilities such as outdated software, misconfigurations, exposed services and SSL/TLS weaknesses.
- Assess both in-house and COTS web applications to identify OWASP Top 10 risks, including SQL injection, cross-site scripting (XSS) and insecure headers.
- Lead technical troubleshooting sessions with administrators and leadership to analyze findings, validate issues and drive remediation efforts.
- Maintain a general understanding of network architecture diagrams to support vulnerability analysis and remediation planning.
What you need to know:
- Strong understanding of federal frameworks including NIST 800-53 and 800-53A.
- Knowledge of SANS and OWASP Top 10 vulnerabilities and best practices.
- Ability to synthesize and analyze large volumes of vulnerability and scan data.
- Ability to clearly articulate findings in written and verbal form.
Must haves:
- Bachelors degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field or additional 10+ years of IT experience in lieu of degree.
- One or more of the following certifications: (ISC)2 Certified Information Security Professional (CISSP), GIAC, GCIA or GCIH
- Proven ability to analyze complex requirements and translate them into clear, actionable tasks and processes through critical thinking.
- Ability to perform vulnerability and compliance assessments on all devices identified during enterprise network scans, including operating systems oracle and MySQL databases and web applications.
- Proficiency with enterprise-class scanning tools such as Tenable Nessus and Tenable Security Center, database scanning tools such as AppDetective and DbProtect and web scanning tools such as Web Inspect, with strong knowledge of security best practices and common vulnerabilities for each technology, including SANS and OWASP Top 10.
- Experience performing enterprise-level assessment scanning of networks, databases and web applications.
- Ability to configure and perform host, port and service discoveries on large enterprise networks and identify target operating systems and applications or services from discovery results.
- Proficiency in configuring, troubleshooting and administering Tenable Security Center, Tenable Nessus standalone, AppDetective and Web Inspect.
- Strong understanding of security policies used by intelligence organizations, as well as NIST guidelines (e.g., 800-53 and 800-53A).
- Ability to think critically and creatively and to synthesize and analyze large volumes of scan data.
- Strong written and verbal communication skills with the ability to present findings clearly and comprehensively.
- Applicants must possess an Top-Secret clearance with SCI eligibility and ability to pass a Counterintelligence (CI) polygraph .
Beneficial to have:
- Experience with open-source and commercial testing tools, including Nessus, NMAP, AppDetective, Hailstorm, Guardium and Web Inspect.
Where its done:
- Onsite (Washington, DC.)
- ...Assurance and Vulnerability Assessment Engineer to support... ...planning Continuous monitoring support The... .... Verify compliance with... ...vulnerability management activities.... ...experience. Clearance Requirements... ...rankings on "Top 50 Companies... ...active Top Secret Security Clearance...Secret clearanceContract workTemporary workLocal area
- .../SME in Alexandria, VA. This role requires development and management of the DISA ConMon strategy, ensuring IT systems compliance with security standards, and leading a team of analysts. A Top Secret clearance is mandatory for this position. The ideal candidate will possess...Secret clearance
- ...III to support cybersecurity engineering and compliance in a NAVSEA Program Office.... ...involves implementing controls, monitoring security posture, and fixing vulnerabilities across systems. Candidates... ...degree, and an active DoD Secret clearance or the ability to obtain one...Secret clearanceWork at office
- ...Title: Risk and Vulnerability Analyst II... ...Full-time Clearance: Secret eligibility required... ...that compliance-driven federal... ...vulnerability management is a service... ...issues and ensure continuous coverage... ...Support continuous monitoring requirements... ...as a Top 20 "Best Place...Secret clearanceFull timeWork experience placementFlexible hours
- ...workforce as an engine to drive... ...engage in continuous improvement... ...advanced vulnerability assessment,... ...supporting compliance with federal... ...vulnerability management strategies... ...continuous monitoring and... ...with a DoD Secret clearance. Bachelor'... ...STIGs OWASP Top 10 PHYSICAL...Secret clearanceContract workWork at officeLocal area
- ...Customer Support Engineer (CSE), you... ...& Management task area.... ...delivery, compliance, and customer... ...monitoring and data integrity... .... Conduct vulnerability analysis and... .... Support continuous... ...anActive Secret security clearance. Provide customer... ...Technology TOP 50 (ranking...Secret clearanceTemporary workFor contractorsFor subcontractorWork at officeRemote work
$135.2k - $278.5k
...a Glassdoor Top 100 Best Place... ...Lead Senior Manager will design, engineer, and... ...implement cloud monitoring and logging... ...and business continuity solutions for... ...hold an active Secret clearance. Bonus... ...management, vulnerability remediation, and compliance reporting....Secret clearanceLive inLocal area- ...description: TLinked LLC is seeking a Monitoring Engineer to join our team of qualified... ...delivery. Prioritize and manage work using agile methodology... ...US Citizenship and an active SECRET Government Security Clearance with the ability to obtain TOP SECRET if needed. Bachelor’s...Secret clearanceFor contractorsWork at officeRemote workShift workDay shift
$68k - $122k
...overseeing and monitoring authorized IT systems... ...and program management. Maximum... .... Conduct continuous assessments of... ...assessments are in compliance with industry auditor... ...security, vulnerabilities, and threats.... ...Active DoD Top Secret clearance with SCI eligibility...Secret clearanceRemote work$150k - $160k
...Cloud/System Engineer to provide... ...the continuous operational... ...accessibility, monitor system health... ...cybersecurity vulnerabilities and ensure... ...Security Manager (ISSM) to coordinate... ...508 Compliance. Strong... ...to detail. Clearance Level Must... ...active DoD Top Secret clearance with...Secret clearanceTemporary workRemote workWorldwideFlexible hours3 days per week- ...Security Risk Management Engineer Dexian Government... ...cybersecurity compliance engineering. This... ...system vulnerabilities and control deficiencies... .... Continuous Monitoring Support Review... ...+ CAP or GRC Clearance Requirements TS... ...requires an active Top Secret Security Clearance...Secret clearanceTemporary workLocal area
- ...soaring! As a dynamic management consulting firm, we... ...The Senior Systems Engineer provides end‑to‑end... ...CD, RBAC, logging, monitoring, and vulnerability‑management‑related... ..., fault tolerance, continuity of operations... ...obtain and maintain a Secret clearance during the entire period...Secret clearanceFor contractorsLocal area
- ...Koniag Government Services company, is seeking a Monitoring Engineer with a Top Secret security clearance to support EHS and our government customer in Washington... ...Provide recommendations to optimize and improve management of vSphere Infrastructure. Plans and executes...Secret clearanceWork experience placementLocal areaFlexible hours
- ...infrastructure, monitoring tools, server... ...compliance activities. This... ...monitoring platforms, vulnerability remediation,... ...management, and security... ...current DoD Secret clearance day one and prior... ...clearance to Top Secret. Desired... ...with network engineers, system administrators...Secret clearanceFull timeContract workMonday to Friday
- ...Senior Continuity Professional Seeking a Senior Continuity professional... ...COOP plans, ensuring compliance with federal continuity... ...in continuity and emergency management working groups Deploy to... ...multiple priorities ~ Active Top-Secret clearance (SCI eligible with recent...Secret clearanceWork at office
- Security Monitor 2 page is loaded##... ...:*** Continuously monitor to detect... ...credentials, and clearances for military... ...Identify and report vulnerabilities in physical... ....* Enforce compliance with site... ...CLEARANCE:** Top Secret SCI CI Polygraph... ..., facilities management, and advanced...For contractorsShift work
$150k - $170k
...- Identity & Access Management Engineer - Onsite - Active Secret Required Title 1802 -... ...Arlington, VA Security Clearance Requirement Top Secret About Us... ...expertise supervising, monitoring, and troubleshooting... ...implementation gaps, vulnerabilities, and risks, developing...Secret clearanceTemporary workLocal area$80k - $128k
...Threat Analysis Clearance: Secret Peraton is... ...seeking a Risk and Vulnerability Analyst.... ...role ensures continuous visibility, compliance, and timely remediation... ...vulnerability monitoring and risk... ...SOC, IR, and engineering teams. Ensure... ...vulnerability management, or risk analysis...Secret clearanceContract workShift work$62k - $124k
...Washington, DC is seeking a Security Management Lead (SML) - Senior to oversee security program activities and drive compliance across mission-critical operations. The... ...relevant experience and an active DoD Top Secret/SCI clearance. This role offers a salary range of $6...Secret clearanceFor contractors- ...) SECURITY & COMPLIANCE ENGINEERING (SCE) POSITION... ...requires continuous evaluation of... ...Continuous monitoring of system compliance... ...Experience: Vulnerability scanning... ...Information Security Manager (CISM)... ...certifications Clearance Level Minimum of active Secret Clearance and...Secret clearanceRemote work
$100k - $108k
...Configuration Manager Location :... ...alternate site. Clearance Required: Active Secret or Top-Secret... ...with ITSM and monitoring toolsets, and ensures continuous compliance with DoD cybersecurity... ...and engineers have accurate... ...data with ACAS vulnerability scans to help...Secret clearance- ...Title: Risk Manager Location:... ...assessing, monitoring, and mitigating... ...threats, vulnerabilities, and... ...assessments, and compliance reviews related... ..., engineering, and operational... .... Support continuous improvement... ...Hold a Q clearance or TS/SCI clearance... ...an active Top Secret/SCI...Secret clearanceFull timeContract workTemporary workWork at officeLocal areaImmediate startHome officeFlexible hours
- ...contractor specializing in Management Consulting, Information... ...confidence that we are continually measuring and improving... ...satisfaction. Policy and Compliance Analyst DISA Active Secret Clearance Required. Job Type:... ...must possess an active Top Secret security clearance...Secret clearanceFull timeContract workTemporary workFor contractors
$90k - $150k
...time USAToday Top Workplaces... ...seeking a SRE Engineer to support our... ..., and Compliance Support (IPCS... ...DevOps, release management, cybersecurity... ...and support continuous delivery without... ...and maintain monitoring, alerting,... ...possess an active Secret security clearance or be able to...Secret clearancePermanent employmentFull timeContract work- ...networking performance and compliance and protect... ...Security Project Engineering and Knowledge Management. Key... ...identify and exploit vulnerabilities in systems and applications... ...confirmed. Security Clearance The successful... ...active U.S. Government Top Secret Security Clearance...Secret clearanceFor contractorsLocal area
- ...analyst supports the continuity, planning,... ...staffing, execution, and compliance Case tracking, milestone monitoring, and issue... ...Force Life Cycle Management Center (AFLCMC), Program... ...relevant discipline Top Secret / Sensitive... ...Active Secret Security Clearance Must have authorization...Secret clearanceContract workWork at officeLocal area
- ...Overview The Engineer will... ...Security & Compliance: Actively support... ...including vulnerability remediation... ...images. Manage image... ...Logging, Monitoring, and Telemetry... ...readiness, and continuous monitoring.... ...Clearance & Background... ...an active Top Secret security clearance...Secret clearanceWork at officeLocal area
- ...Overview The Engineer will... ...Security & Compliance: Actively support... ...including vulnerability remediation... ...workstation images. Manage image... .... Logging, Monitoring, and... ...readiness, and continuous monitoring.... ...Qualifications Clearance &... ...an active Top Secret security clearance...Secret clearanceWork at officeLocal area
- ...skilled Cybersecurity Compliance Lead to support our... ...compliance, risk management frameworks, and Department... ...governance and continuous auditing. Key Responsibilities... ...: Active Top Secret clearance and U.S. citizenship... ...assessments, and compliance monitoring. Ability to...Secret clearanceLocal area
- ...Developer to enhance web-based applications for monitoring operations within a classified environment.... ...of tools that support enterprise system management. Candidates must possess an active Top Secret security clearance, Security+ Certification, and at least 3 years...Secret clearanceDay shift
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Compliance and Continuous Monitoring Engineer - Vulnerability Management (Top Secret Clearance). Be the first to apply!
- patient safety monitor Washington DC
- community monitor Washington DC
- computer lab monitor Washington DC
- pool monitor Washington DC
- clinical research monitor Washington DC
- quality assurance monitor Washington DC
- patient monitor Washington DC
- program monitor Washington DC
- security monitor Washington DC
- monitor tech Washington DC

