Job description

About NDi: Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas. Military Veterans Encouraged to Apply Job Description: We're seeking a senior‐level Security Engineer to lead secure configuration, continuous monitoring, and compliance engineering efforts. You'll drive baseline hardening, risk assessments, and automation across cloud and on-prem systems, ensuring adherence to federal mandates and Zero Trust principles. Requirements: • U.S. Citizenship is required • Must be able to obtain a Public Trust • This position is primarily remote, but it requires the ability to attend occasional meetings in DC, MD, VA, WV, NJ, and OK as needed Qualifications and Experience • Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field • Minimum 6 years of relevant experience in enterprise security engineering and compliance • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified Ethical Hacker (CEH), Certified Authorization Professional (CAP), Security+, Information Technology (IT) certification, or equivalent certification. • In-depth understanding of the Continuous Diagnostics and Mitigation program and its phases • Proficiency in Zero Trust principles: micro-segmentation, least-privilege access, continuous verification • Expertise in the NIST Risk Management Framework (RMF) (SP 800-37/800-53) • Familiarity with the Cybersecurity Assessment and Secure Mission (CASM) model • Knowledge of FISMA requirements and annual reporting processes • Experience applying FedRAMP controls for cloud service providers and managing authorization packages • Strong knowledge of DISA STIG and SCAP automation for multiple OS platforms • Ability to map organizational controls to CISA CDM dashboard metrics and drive data integrations • Experience writing script in Python, PowerShell, or Bash for security automation and log analysis, and automating security control enforcement using Ansible, Terraform, or cloud-native security controls. • Excellent communication, documentation, and stakeholder-management skills Required Tools and Technologies Cloud & Database Platforms: • MS SQL Server (2019/2022) • AWS GovCloud • Azure compliance baselines • AWS RDS • Power Platform & M365 Baselines • SharePoint 2019 • Tomcat 9/10 Identity & Access Management: • Okta • CyberArk EPM & Privileged Access Management • ClearPass • Active Directory Endpoint & Network Security: • Tanium • Zscaler • Cisco IOS XE Configuration Management & Compliance Baselines: • Belarc • DISA STIG Tools • SCAP • CDM & CSAM tools • POA&M tracking systems • Secure Configuration dashboards Monitoring & Reporting: • Power BI · DLP / Information Protection solutions • Risk assessment workflows Collaboration & Documentation: • Jira • Enterprise Wiki / KSN portals • Runbook documentation Responsibilities: • Lead Secure Configuration Management baselines for applications, operating systems, databases, network devices, and platforms • Conduct Continuous Diagnostics and Mitigation (CDM) program activities-vulnerability management, configuration management, identity & access controls, and incident response • Perform risk assessments and manage POA oversee Cybersecurity Assessment and Secure Mission (CASM) workflows • Implement and automate DISA STIG and SCAP standards across Windows, Red Hat, iOS/iPadOS, macOS, and Chrome environments • Design and enforce Zero Trust controls: micro-segmentation, least-privilege access, continuous verification of users, devices, and services • Apply NIST RMF (SP 800-37/800-53) controls from system categorization through continuous authorization • Facilitate FedRAMP compliance for cloud services; author and maintain SSPs, SARs, and authorization packages • Map security controls to CISA CDM dashboard metrics; integrate data into monitoring solutions • Collaborate with stakeholders to define baseline exceptions, track remediation progress, and report metrics • Maintain documentation in enterprise wiki and compliance portals; manage Jira boards for tasks and exceptions • Mentor junior security engineers and coordinate cross-team compliance reviews Compensation and Benefits: At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer-paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job. Veterans First Commitment: As a Service-Disabled Veteran-Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization. Commitment to Diversity: NDi is an Equal Opportunity Employer. We are committed to creating a diverse environment and are proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran or military status, citizenship, national origin, or any other basis prohibited by law in all phases of the employment process and compliance with applicable federal, state, and local laws and regulations. As a federal government contractor, NDi complies with all applicable affirmative action requirements. Apply Now: Take advantage of this unique opportunity to join one of the fastest-growing companies in Federal contracting

Requirements