Cyber Security Engineer

Description

The solution is a containerized, Kubernetes-based, multitenant hosting environment for hosting our clients enterprise and tactical applications. The client utilizes Kubernetes and potentially Red Hat OpenShift to implement a cloud-native, software-defined infrastructure across multiple global sites. They provide value-added common and managed services built on top of the Kubernetes foundation that hosted applications will require.

Position Duties

• Deploy, configure, and manage cybersecurity tools for Kubernetes environments, including vulnerability scanners, runtime security tools, and compliance frameworks.
• Administer and oversee Kubernetes-native security tools, such as ACAS (Nessus), Kube-Bench, Kube-Hunter, and Falco, to ensure cluster security and compliance .
• Implement and monitor Role-Based Access Control (RBAC) policies and Pod Security Standards (PSS) to enforce least privilege and workload isolation.
• Harden Kubernetes clusters and containerized workloads using industry best practices and DoD Security Technical Implementation Guides (STIGs).
• Perform regular container image scanning using tools like Trivy, Clair, or Anchore to identify vulnerabilities in container images.
• Conduct Infrastructure as Code (IaC) scanning for Kubernetes manifests, Helm charts, and Terraform scripts using tools like Checkov, KubeLinter, or Polaris.
• Ensure compliance with DoD RMF by using tools like Kube-Bench and OpenSCAP.
• Deploy, configure, and manage Security Information and Event Management (SIEM) solutions, such as Splunk or Elasticsearch, to monitor Kubernetes clusters and containerized workloads.
• Develop and integrate rules, queries, and dashboards to detect and respond to security incidents in real time.
• Monitor runtime security using tools like Falco, Sysdig Secure, or Aqua Security to detect anomalous behavior in containers and Kubernetes clusters.
• Collaborate with the Cyber Incident Response Team to investigate and remediate security incidents.
• Integrate security tools into the CI/CD pipeline to automate security scans for code, container images, and IaC configurations.
• Work with DevOps teams to implement security gates in the pipeline, ensuring that only secure and compliant workloads are deployed.
• Automate routine administrative tasks using tools like Ansible, Terraform, or scripting languages (e.g., Python, Bash).
• Collaborate with internal and external teams, including developers, Kubernetes administrators, and Cybersecurity Service Providers, to ensure security requirements are met.
• Review and respond to Cyber Tasking Orders (CTOs), ensuring timely implementation of required changes.
• Create and maintain documentation for security configurations and standard processes.
• Provide regular reports on the security posture of the Kubernetes environment, including vulnerability assessments and compliance status.
• Responsible for assessment of threats and vulnerabilities to organizational computing assets and developing/integrating rules, queries, and filtering techniques to produce meaningful risk analysis for responses.
• Coordinate with team to ensure all devices and components report all relevant logs to the SIEM solution and perform troubleshooting of non-reporting assets.
• Work with a team to review Cyber Tasking Orders (CTOs), determine applicability and response, and incorporate required changes.
• Review proposed SIEM configuration changes for security impact.
• Interact with Cyber Security Service Providers and customer ISSOs/ISSMs on a regular basis.

Desired Skills

• Working knowledge of DoD STIGs, and IA Vulnerability Management (IAVM).
• Basic understanding of DOD Risk Management Framework Assessment & Authorization (RMF A&A).

Required Certifications

• DoD 8140 Cybersecurity ISSM (722 role or similar)
• Person must possess Baseline certification as defined in DoD Instruction 8570.01-M (generally Security+ CE).
• Must have (or obtain within 6 months of hire) a computing environment certification as defined in DoD 8570.01-M, such as:
  • Certified Kubernetes Security Specialist (CKS)
  • Certified Kubernetes Administrator (CKA)
  • Red Hat Certified Specialist in OpenShift Administration
  • Cloud Native Security Certification (CNSC)
  • GIAC Kubernetes and Cloud Security (GCKS)
  • AWS Certified Security – Specialty
  • Microsoft Certified: Azure Security Engineer Associate
  • Any other related certification to the role of this position

Job Type & Location

This is a Contract position based out of Fairlawn, VA.

Pay And Benefits

The pay range for this position is $65.00 - $73.00/hr.

Requirements

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following:

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long-term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)

Workplace Type

This is a hybrid position in Fairlawn,VA.

Application Deadline

This position is anticipated to close on Apr 21, 2026.