Security Engineer
Role details
Job location
Tech stack
Job description
Looking to make a difference, to help keep people safe, or even to save lives through your work with technology? Join Acuity's team of experts to have an impact on our government's critical missions. Acuity, Inc. is a consulting firm that supports federal agencies in the areas of IT Modernization, Data Enablement, and Hyperautomation. We are currently hiring for a Security Engineer. Why Acuity?: Looking to make a difference, to help keep people safe, or even to save lives through your work with technology? Join Acuity's team of experts to have an impact on our government's critical missions. Acuity, Inc. is a consulting firm that supports federal agencies in the areas of IT Modernization, Data Enablement, and Hyperautomation. Responsibilities:
- Provide hands-on technical subject matter expertise with respect to setting up and administering Fortify SSC, Fortify Security Assistant IDE Plugin, OWASP ZAP, and Audit Workbench. Anticipate expanding to SonaType.
- Administer applications and users.
- Field troubleshooting questions for developers (i.e., connections to pipelines)
- Field troubleshooting questions for front-end users (testers, security analysts -- "is this a false positive?", etc)
- Work with Project teams to review vulnerabilities.
- Familiar with Windows Server
- Work autonomously in an area of specialization to analyze internal security and provide relevant information to internal and external customers, suppliers, and partners.
- Have skill sets to perform computer incident response and remediation practices as outlined in NIST 800-61 (Computer Security Incident Handling Guide) and DHS 4300A Sensitive Systems Policy Handbook, Attachment F Incident Response. The staff will assist the Security Operation Center (SOC) on incident response actions for security incidents affecting the Cloud environment.
- Assist with the implementation of monitoring capabilities for various audiences - developers, business owners, security, and infrastructure; analyze all platform level, network changes and monitor impact and provide appropriate technical solutions to resolve issues efficiently; evaluate and document operating baseline according to required standards.
- Perform other duties as assigned by the Government., As a QA Automation Engineer, you will play a crucial role in shaping the future of AI systems by designing and implementing automated testing solutions. Your expertise will directl…
- 3 hours ago, As a Forward Deployed Engineer, you will play a pivotal role in developing and deploying advanced AI systems that support critical U.S. Government missions. This position involves …
- 3 days ago
Requirements
- Must have hands-on expertise with respect to setting up and administering Fortify SSC, Fortify Security Assistant IDE Plugin, OWASP ZAP, and Audit Workbench
- Have and maintain at least one active certification such as CISSP, CCISSP, CEH, CISM, CISA, Cloud+, CCSP, or other comparable certification which must be approved in advance by the Government PM (on a case-by-case basis)
- Minimum of five (5) years of experience in security engineering or security operations
- Experience in security process mapping, security process analysis, security process improvement concepts, models, and best practices
- Experience with cloud Platform as a Service (PaaS), Software as a Service (SaaS) and other cloud services
- Experience with Continuous Integration (CI)/Continuous Delivery (CD) - Deployment pipeline experience (Jenkins, Ansible, Terraform)
- Experience or a strong knowledge of Data at Rest Application Programing Interface (API) design
- Experience or a strong knowledge of programming languages (Python, Java etc.)
- Experience or a strong knowledge of container/orchestration tools (Kubernetes, Docker, Puppet, etc)
- Have a deep understanding of API Security, Container Security, Cloud Security
- Advanced Microsoft Excel and Access skills to perform extensive data mining, correlation, and reporting
- Contractor shall be staffed in the Washington, DC metropolitan area, unless explicitly approved by the Government PM
- Experience working with NIST SP 800-53, RMF, FISMA, DHS and DoD policies
- Some other tools besides Fortify that if they appear on the candidate's experience could be reasonable substitutes, * Fortify Static Code Analyzer
- Parasoft
- PVS-Studio
- Raxis
- reshift
- RIPS Technologies
- SmartBear Collaborator
- Understand
- Visual Expert
- Veracode
- Excellent customer service, analytical, problem solving, team-building, and interpersonal skills
- Ability to work independently and function as an integral part of the team
- Excellent oral and written communication skills; technical and business focused, with the ability to document and describe security process information collected
- Listening skills, the ability to detect explicit and implicit needs and wants
- Demonstrated ability to exercise good judgment, prioritize multiple tasks, and problem solve under pressure of deadlines and resource constraints
- Proven experience in building consensus and managing cross-functional teams
Clearance Requirements:
- Must have an Active Secret clearance or higher.
Benefits & conditions
We offer competitive compensation, comprehensive benefits, and a strong focus on work-life balance so you can perform at your best-at work and at home. Join an Award-Winning Team Our employees consistently rank us among the best-earning honors like Best Places to Work (Washington Business Journal, 9+ years) and Top Workplaces (The Washington Post, 2022-2025). Bring Your Whole Self to Work We're committed to building a diverse, inclusive environment where everyone feels respected, supported, and empowered to succeed. Make Your Impact Join Acuity and be part of a team where your ideas are valued, your growth is supported, and your work drives meaningful outcomes. Learn more: Acuity is an Equal Opportunity Employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. Recruiting Scams and Fraud Acuity Inc. has been made aware of fraudulent job postings and individuals impersonating company recruiters. These scams may include fake job offers, requests for sensitive personal information, or demands for payment. Please note:
- Acuity never asks candidates to pay for job applications, equipment, or training.
- All official communications will come from an @myacuity.com email address.
- If you are unsure about a job posting or recruiter, please verify the opportunity on our Careers page., + $70.00-77.00 per hour Join a leading digital health technology company''s engineering team to help build and secure the cloud infrastructure behind software that connects hospitals, clinicians, and pati…
- 2 days ago