Network Designs, Inc.
Security Engineer - Continuous Diagnostics and Mitigation (CDM)
Network Designs, Inc., Washington, District of Columbia, us, 20022
Security Engineer - Continuous Diagnostics and Mitigation (CDM)
3 days ago Be among the first 25 applicants
About NDi Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas.
Military Veterans Encouraged to Apply Military veterans are encouraged to apply for this position.
Job Description The Security Engineer - Continuous Diagnostics and Mitigation (CDM) is responsible for designing, implementing, integrating, and maintaining enterprise CDM capabilities to provide continuous visibility into cybersecurity risk, asset posture, and compliance. This role supports federal cybersecurity objectives by deploying and operating CDM tools and dashboards, integrating security data sources, and enabling real‑time risk awareness across on‑premises and cloud environments. The Security Engineer works closely with cybersecurity operations, system owners, and compliance teams to improve situational awareness, support risk‑based decision‑making, and ensure alignment with federal cybersecurity standards and mandates.
Requirements
U.S. Citizenship is required
Must be able to obtain a Public Trust
This position is primarily remote, but it requires the ability to attend occasional meetings in DC, MD, VA, WV, NJ, and OK as needed
Qualifications And Experience
Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field
6+ years of experience in cybersecurity engineering, security operations, or risk management roles.
One or more industry‑recognized certifications required, including:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Ethical Hacker (CEH)
Certified Authorization Professional (CAP)
CompTIA Security+
Or other equivalent IT or cybersecurity certifications
Demonstrated experience supporting or implementing CDM program capabilities within federal or regulated environments.
CDM Architecture & Tools
Experience implementing and operating CDM program tools, including capabilities across:
Asset Management (HWAM, SWAM)
Identity and Access Management (IdAM)
Vulnerability Management
Event Management
Network and Data Protection
Experience integrating CDM components such as:
Vulnerability scanners
Endpoint security tools
IAM solutions
Network security tools
Experience supporting or integrating with CDM dashboards, data feeds, and agency or federal‑level reporting.
Security Engineering & Operations
Configure, manage, and tune security controls including:
Firewalls, IDS/IPS, endpoint protection, encryption, and network security controls
Perform patch management and vulnerability remediation aligned with CIS Benchmarks, DISA STIGs, and SCAP.
Monitor security posture, vulnerabilities, and configuration compliance across enterprise environments.
Respond to security incidents, vulnerabilities, and emerging threats; support investigations and impact assessments.
Cloud & Zero Trust Security
Experience securing cloud environments (AWS, Azure, GCP) using:
Zero Trust Architecture (ZTA) principles
Cloud-native security controls, CSPM, CASB, and encryption
Support implementation of IAM, PAM, and RBAC controls aligned with Zero Trust objectives.
Governance, Risk & Compliance (GRC)
Assess, develop, and implement security policies and procedures aligned with:
NIST RMF, FISMA, FedRAMP, ISO 27001, and DoD STIGs
Conduct security risk assessments, control effectiveness reviews, and gap analyses.
Support preparation and maintenance of:
System Security Plans (SSPs)
Security Control Assessments (SCAs)
Authorization to Operate (ATO) packages
Plans of Action & Milestones (POA&Ms), including remediation tracking
Ensure compliance with federal regulations, industry standards, and organizational policies.
Support internal and external audits and certification activities.
Automation, Analysis & Integration
Develop scripts using Python, PowerShell, and/or Bash to automate security data collection, analysis, and reporting.
Integrate CDM tools and security platforms using APIs and automation frameworks (e.g., Ansible, Terraform, cloud‑native tools).
Analyze security data to assess risk impact and prioritize remediation efforts.
Analytical & Problem‑Solving Skills
Apply standard and advanced analytical techniques to evaluate security control effectiveness in real‑world environments.
Analyze cyber threats, vulnerabilities, and misconfigurations across multi‑layered architectures.
Make data‑driven decisions to improve security posture while balancing mission and operational needs.
Troubleshoot complex security issues across enterprise IT and cloud environments.
Communication & Collaboration
Collaborate with cybersecurity operations, system owners, engineers, auditors, and leadership to implement CDM capabilities and security best practices.
Communicate security risks, compliance status, and remediation strategies to technical and non‑technical stakeholders.
Develop security documentation, reports, policies, and procedures supporting CDM and accreditation activities.
Support and deliver security awareness and compliance training for stakeholders as needed.
Professional Attributes
Strong organizational, time‑management, and multitasking skills.
Highly responsive and customer‑focused.
Extensive understanding of business processes and enterprise IT/security environments.
Skilled in facilitation, consultation, and applied problem‑solving in complex settings.
Excellent written and verbal communication skills.
Ability to work with confidential and proprietary information with discretion.
Commitment to staying current with emerging threats, technologies, and federal cybersecurity requirements.
Required Tools And Technologies
CDM Program tools supporting:
Hardware Asset Management (HWAM)
Software Asset Management (SWAM)
Identity and Access Management (IdAM)
Vulnerability Management
Network and Data Protection
Event Management
CDM dashboards and reporting tools, including agency‑level and federal‑level data feeds.
Vulnerability scanning tools such as Tenable (Nessus / Tenable.sc), Qualys, Rapid7.
Configuration and compliance assessment tools aligned with DISA STIGs, CIS Benchmarks, SCAP‑compliant tools.
Identity and Access Management (IAM) platforms, Privileged Access Management (PAM) solutions, Role‑Based Access Control (RBAC), Zero Trust Architecture (ZTA) technologies and policy enforcement tools, Identity providers and directory services (e.g., Active Directory, Azure AD/Entra ID).
Network security technologies such as firewalls, IDS/IPS (Snort, Suricata), VPNs.
Endpoint security platforms: Endpoint Detection & Response (EDR), anti‑malware and host‑based security tools.
Encryption technologies for data at rest and in transit.
Cloud platforms: AWS, Azure, and/or GCP.
Cloud security tools including Cloud Security Posture Management (CSPM), Cloud Access Security Broker (CASB), cloud‑native security services.
Secure cloud configuration and monitoring aligned with federal standards.
Security monitoring and analytics platforms (SIEM or CDM‑integrated tools).
Log aggregation and event correlation technologies.
REST APIs and data integration mechanisms for CDM feeds.
Infrastructure automation tools such as Ansible, Terraform, cloud‑native automation services.
Git, ServiceNow, Confluence, SharePoint, etc.
Tools supporting SSP, SCA, ATO, and POA&M development and tracking.
Audit and compliance reporting.
Compensation And Benefits Salary: $119,405 - $145,664 per year. At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer‑paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.
Veterans First Commitment As a Service‑Disabled Veteran‑Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.
Commitment To Diversity NDi is an Equal Opportunity Employer. We are committed to creating a diverse environment and are proud to be an equal‑opportunity employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran or military status, citizenship, national origin, or any other basis prohibited by law in all phases of the employment process and compliance with applicable federal, state, and local laws and regulations. As a federal government contractor, NDi complies with all applicable affirmative action requirements.
Apply Now Take advantage of this unique opportunity to join one of the fastest‑growing companies in Federal contracting.
#J-18808-Ljbffr
About NDi Network Designs, Inc. (NDi) is a leading Federal contractor that specializes in designing, developing, and delivering information technology and network solutions for government customers. Founded in 1985, NDi's firmly defined core values have driven all aspects of the business, which have been paramount to our company's success and the establishment of an enjoyable workplace atmosphere. At NDi, we believe that our people are the cornerstone of our success, and we value collaboration, career growth, and winning ideas.
Military Veterans Encouraged to Apply Military veterans are encouraged to apply for this position.
Job Description The Security Engineer - Continuous Diagnostics and Mitigation (CDM) is responsible for designing, implementing, integrating, and maintaining enterprise CDM capabilities to provide continuous visibility into cybersecurity risk, asset posture, and compliance. This role supports federal cybersecurity objectives by deploying and operating CDM tools and dashboards, integrating security data sources, and enabling real‑time risk awareness across on‑premises and cloud environments. The Security Engineer works closely with cybersecurity operations, system owners, and compliance teams to improve situational awareness, support risk‑based decision‑making, and ensure alignment with federal cybersecurity standards and mandates.
Requirements
U.S. Citizenship is required
Must be able to obtain a Public Trust
This position is primarily remote, but it requires the ability to attend occasional meetings in DC, MD, VA, WV, NJ, and OK as needed
Qualifications And Experience
Bachelor's degree in Computer Science, Cybersecurity, Engineering, Information Systems, Mathematics, Technology, or related IT field
6+ years of experience in cybersecurity engineering, security operations, or risk management roles.
One or more industry‑recognized certifications required, including:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Certified Ethical Hacker (CEH)
Certified Authorization Professional (CAP)
CompTIA Security+
Or other equivalent IT or cybersecurity certifications
Demonstrated experience supporting or implementing CDM program capabilities within federal or regulated environments.
CDM Architecture & Tools
Experience implementing and operating CDM program tools, including capabilities across:
Asset Management (HWAM, SWAM)
Identity and Access Management (IdAM)
Vulnerability Management
Event Management
Network and Data Protection
Experience integrating CDM components such as:
Vulnerability scanners
Endpoint security tools
IAM solutions
Network security tools
Experience supporting or integrating with CDM dashboards, data feeds, and agency or federal‑level reporting.
Security Engineering & Operations
Configure, manage, and tune security controls including:
Firewalls, IDS/IPS, endpoint protection, encryption, and network security controls
Perform patch management and vulnerability remediation aligned with CIS Benchmarks, DISA STIGs, and SCAP.
Monitor security posture, vulnerabilities, and configuration compliance across enterprise environments.
Respond to security incidents, vulnerabilities, and emerging threats; support investigations and impact assessments.
Cloud & Zero Trust Security
Experience securing cloud environments (AWS, Azure, GCP) using:
Zero Trust Architecture (ZTA) principles
Cloud-native security controls, CSPM, CASB, and encryption
Support implementation of IAM, PAM, and RBAC controls aligned with Zero Trust objectives.
Governance, Risk & Compliance (GRC)
Assess, develop, and implement security policies and procedures aligned with:
NIST RMF, FISMA, FedRAMP, ISO 27001, and DoD STIGs
Conduct security risk assessments, control effectiveness reviews, and gap analyses.
Support preparation and maintenance of:
System Security Plans (SSPs)
Security Control Assessments (SCAs)
Authorization to Operate (ATO) packages
Plans of Action & Milestones (POA&Ms), including remediation tracking
Ensure compliance with federal regulations, industry standards, and organizational policies.
Support internal and external audits and certification activities.
Automation, Analysis & Integration
Develop scripts using Python, PowerShell, and/or Bash to automate security data collection, analysis, and reporting.
Integrate CDM tools and security platforms using APIs and automation frameworks (e.g., Ansible, Terraform, cloud‑native tools).
Analyze security data to assess risk impact and prioritize remediation efforts.
Analytical & Problem‑Solving Skills
Apply standard and advanced analytical techniques to evaluate security control effectiveness in real‑world environments.
Analyze cyber threats, vulnerabilities, and misconfigurations across multi‑layered architectures.
Make data‑driven decisions to improve security posture while balancing mission and operational needs.
Troubleshoot complex security issues across enterprise IT and cloud environments.
Communication & Collaboration
Collaborate with cybersecurity operations, system owners, engineers, auditors, and leadership to implement CDM capabilities and security best practices.
Communicate security risks, compliance status, and remediation strategies to technical and non‑technical stakeholders.
Develop security documentation, reports, policies, and procedures supporting CDM and accreditation activities.
Support and deliver security awareness and compliance training for stakeholders as needed.
Professional Attributes
Strong organizational, time‑management, and multitasking skills.
Highly responsive and customer‑focused.
Extensive understanding of business processes and enterprise IT/security environments.
Skilled in facilitation, consultation, and applied problem‑solving in complex settings.
Excellent written and verbal communication skills.
Ability to work with confidential and proprietary information with discretion.
Commitment to staying current with emerging threats, technologies, and federal cybersecurity requirements.
Required Tools And Technologies
CDM Program tools supporting:
Hardware Asset Management (HWAM)
Software Asset Management (SWAM)
Identity and Access Management (IdAM)
Vulnerability Management
Network and Data Protection
Event Management
CDM dashboards and reporting tools, including agency‑level and federal‑level data feeds.
Vulnerability scanning tools such as Tenable (Nessus / Tenable.sc), Qualys, Rapid7.
Configuration and compliance assessment tools aligned with DISA STIGs, CIS Benchmarks, SCAP‑compliant tools.
Identity and Access Management (IAM) platforms, Privileged Access Management (PAM) solutions, Role‑Based Access Control (RBAC), Zero Trust Architecture (ZTA) technologies and policy enforcement tools, Identity providers and directory services (e.g., Active Directory, Azure AD/Entra ID).
Network security technologies such as firewalls, IDS/IPS (Snort, Suricata), VPNs.
Endpoint security platforms: Endpoint Detection & Response (EDR), anti‑malware and host‑based security tools.
Encryption technologies for data at rest and in transit.
Cloud platforms: AWS, Azure, and/or GCP.
Cloud security tools including Cloud Security Posture Management (CSPM), Cloud Access Security Broker (CASB), cloud‑native security services.
Secure cloud configuration and monitoring aligned with federal standards.
Security monitoring and analytics platforms (SIEM or CDM‑integrated tools).
Log aggregation and event correlation technologies.
REST APIs and data integration mechanisms for CDM feeds.
Infrastructure automation tools such as Ansible, Terraform, cloud‑native automation services.
Git, ServiceNow, Confluence, SharePoint, etc.
Tools supporting SSP, SCA, ATO, and POA&M development and tracking.
Audit and compliance reporting.
Compensation And Benefits Salary: $119,405 - $145,664 per year. At NDi, we value our team and are committed to retaining top talent by offering competitive benefits and compensation packages. Our employee benefits package includes comprehensive health, dental, vision, pet, and legal insurance. Our corporate benefits include 401(k) retirement matching, paid leave, paid holidays, and health and wellness programs. In addition, we provide employer‑paid life and disability insurance, professional development, education benefits, and much more to ensure our team has the resources they need to thrive on and off the job.
Veterans First Commitment As a Service‑Disabled Veteran‑Owned Small Business (SDVOSB), NDi is dedicated to hiring veterans and providing a supportive work environment that honors their service while recognizing the unique skills and experiences they bring to our organization.
Commitment To Diversity NDi is an Equal Opportunity Employer. We are committed to creating a diverse environment and are proud to be an equal‑opportunity employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran or military status, citizenship, national origin, or any other basis prohibited by law in all phases of the employment process and compliance with applicable federal, state, and local laws and regulations. As a federal government contractor, NDi complies with all applicable affirmative action requirements.
Apply Now Take advantage of this unique opportunity to join one of the fastest‑growing companies in Federal contracting.
#J-18808-Ljbffr