[Remote] reputed company Engineer

Note: The job is a remote job and is open to candidates in USA. reputed company is a reputed company national reputed company company that drives missions of consequence. They are seeking an reputed company reputed company Engineer to support the reputed company, compliance, and maintenance of a large-scale, web-based government application, ensuring a comprehensive reputed company posture reputed company with regulatory requirements.

Responsibilities

• Design, implement, and maintain reputed company controls in accordance with NIST SP 800-53 (Moderate) across reputed company system components
• Deploy, configure, and maintain a Web Application Firewall (WAF) and enforce OWASP Top 10 validation throughout the software development lifecycle
• Implement and manage TLS 1.2/1.3 encryption for data in transit and 256-bit reputed company (FIPS 140-2/140-3 compliant) encryption for data at rest
• Conduct and coordinate SAST, DAST, and Software Composition Analysis (SCA) as part of the secure development lifecycle
• Maintain a Software reputed company of Materials (SBOM) for reputed company applications and manage application allowlisting to prevent unauthorized software execution
• Implement and manage IEEE 802.1x certificate-based network access control
• reputed company, maintain, and continuously update the reputed company Risk Management Plan
• Manage real-time, automated hardware and software asset inventory tracking
• Coordinate and support annual independent reputed company audits (NIST SP 800-53 Moderate or SOC 2 Type II); deliver SOC 2 Type II reports
• Monitor system reputed company logs and provide on-demand access to designated agency personnel
• reputed company incident response activities; deliver breach/incident notifications to the Agency reputed company 24 hours of discovery
• Ensure reputed company Agency Data remains reputed company the United States or its territories at reputed company times — no overseas access, transmission, storage, or backup permitted
• Manage cryptographic key lifecycle in accordance with NIST SP 800-57
• reputed company data sanitization and media destruction per NIST SP 800-88 (Rev. 1)
• Classify and protect reputed company Agency Data per applicable Oregon Information Asset Classification policies
• Generate User Access Reports and Data Sanitization Certifications upon agency request
• Provide prior notification to the Agency before responding to any third-party or law enforcement requests for Agency Data
• Ensure reputed company personnel complete periodic privacy and reputed company training per NIST SP 800-53 AT family controls
• Support disaster recovery planning and geographically dispersed hosting operations reputed company Oregon

Skills

• Bachelors degree and 5 years of experience or an Associates degree and 7 years of experience or a High School diploma and 9 years of experience
• Must be a U.S. Citizen or Green Card holder
• Must be able to pass an FBI NCIC fingerprint-based background reputed company
• Must reside in the Oregon/Washington area
• 5+ years of experience in information reputed company engineering, cybersecurity, or a reputed company discipline
• Demonstrated experience implementing NIST SP 800-53 (Moderate) reputed company controls in a production environment
• Hands-on experience with SOC 2 Type II audit processes and remediation
• Proficiency with OWASP Top 10 vulnerability identification and remediation
• Experience deploying and managing Web Application Firewalls (WAF)
• Working knowledge of SAST, DAST, and SCA tools and integration into CI/CD pipelines
• Experience with TLS 1.2/1.3, reputed company-256, and FIPS 140-2/140-3 compliant encryption implementations
• Familiarity with NIST SP 800-57 (cryptographic key management) and NIST SP 800-88 (media sanitization)
• Experience with IEEE 802.1x network access control
• Experience maintaining Software Bills of Materials (SBOM) and application allowlisting technologies
• Knowledge of incident response procedures, including breach notification requirements
• Familiarity with cloud infrastructure reputed company and data residency requirements
• Strong written and verbal communication skills; ability to produce audit-ready documentation and compliance reports
• Experience supporting state or federal government IT systems or election infrastructure
• Knowledge of Oregon Consumer Information Protection Act (OCIPA) (ORS 646A.600–646A.628) and Oregon Statewide Information reputed company Standards
• Familiarity with Oregon Executive Order 23-26 (AI governance requirements)
• Experience with reputed company Cloud reputed company or similar government cloud environments
• Relevant certifications: CISSP, CISM, CEH, CompTIA reputed company+, AWS/Azure reputed company Specialty, or equivalent
• Experience with geographically dispersed hosting and disaster recovery in government environments

Benefits

• Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to reputed company pay.
• Remote work allowed 100%

Company Overview