Cybersecurity Engineer

CMT Services Inc.

$90K — $130K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of hands-on engineering experience in enterprise security
  • Expertise in NIST SP 800-53 and NIST SP 800-207 frameworks
  • Deep knowledge of IAM, RBAC, PAM, and MFA integration
  • Proficient with SIEM and EDR/XDR processes
  • Experience with vulnerability management and NIST RMF
  • Skilled in securing AWS and Azure environments
  • Bachelor's degree in IT, Cybersecurity, or a related field

Responsibilities

  • Support and optimize enterprise security platforms across various environments
  • Implement controls in line with NIST standards
  • Design and maintain least-privilege access systems
  • Configure IAM solutions and secure identity integration
  • Manage centralized logging and monitoring setups
  • Conduct continual monitoring and vulnerability assessments
  • Secure cloud environments with effective controls and practices

Benefits

  • Remote work flexibility under certain conditions
  • Engagement with a high-impact federal agency
  • Opportunity to enhance national cybersecurity posture
  • Work with cutting-edge cybersecurity tools and methodologies
  • Develop key operational procedures and documentation
Full Job Description
Position Title: Cybersecurity Engineer

Location:

US Congressional Budget Office

Ford House Office Building, 4th floor

2nd St SW, 441 D St SW

Washington, DC 20024

Period of Performance:

08/15/2026 - 08/14/2031

Place of Performance:

Remote work is authorized under this contract; however, at CBO's discretion, contractor employees may be required to work on-site at CBO facilities without reimbursement for related travel or expenses.

Security Clearance

Public Trust (Tier 2)

Citizenship

U.S. Citizenship or Permanent Residence status

Position Summary: The Cybersecurity Engineer designs, implements, and maintains enterprise security controls that enforce Zero Trust - identity-centric access, least-privilege enforcement, continuous monitoring, and threat detection across cloud, network, and endpoint environments - ensuring security technologies and services are configured, hardened, and continuously monitored to strengthen CBO's posture and detection/response capabilities.

Key Responsibilities:
  • Support implementation, operation, and optimization of enterprise security platforms across cloud, on-premises, and hybrid environments.
  • Implement/maintain controls aligned with NIST SP 800-53 (AC, CM, SC, AU, IR, SI families) and NIST SP 800-207 Zero Trust.
  • Design/maintain least-privilege access - RBAC, privileged access management (PAM), and MFA across enterprise systems.
  • Configure/manage IAM solutions; integrate with enterprise identity providers for secure authentication/authorization.
  • Configure/maintain centralized logging, monitoring, and audit; integrate with enterprise SIEM; comply with retention policies.
  • Conduct continuous monitoring, vulnerability assessment, and risk analysis aligned with NIST RMF; harden systems/apps/cloud to secure baselines.
  • Secure cloud/hybrid environments (AWS, Azure) - security services, identity controls, network protections, workload security.
  • Identify/remediate vulnerabilities; coordinate patching/mitigation; support IR (alert monitoring, analysis, containment, forensic collection).
  • Maintain segmentation/access strategies to limit lateral movement; follow formal change management with security impact analysis.
  • Develop/maintain cybersecurity SOPs, system configurations, baselines, and asset inventories; perform RCA; support 24/7 monitoring (SIEM, EDR/XDR, cloud-native tools).
  • Collaborate with network, cloud, and application teams; serve as technical resource for advanced service desk and security issues


Required Qualifications:
  • Hands-on experience engineering enterprise security controls across cloud, network, and endpoint per NIST SP 800-53 and NIST SP 800-207 Zero Trust.
  • Experience with IAM, RBAC, PAM, and MFA, and integration with enterprise identity providers.
  • Experience with SIEM and EDR/XDR - centralized logging, continuous monitoring, threat detection, triage, containment, and forensic collection.
  • Experience with vulnerability management, NIST RMF risk analysis, secure-baseline hardening, and patch/mitigation coordination.
  • Experience securing AWS and Azure cloud/hybrid environments and supporting audit readiness, SOPs, RCA, and 24/7 operations.


Education:
  • Bachelor's degree in IT, Cybersecurity, or related field


Required Documents
  • Letter of Commitment


Disclaimer:

By submitting your resume for this job posting, you authorize CMT Services, Inc. to forward your resume to all applicable internal and external managers, agencies, and recruitment personnel for review and consideration to hire.

Similar Jobs

More Jobs at CMT Services Inc.

More Information Technology Jobs

Find similar Cybersecurity Engineer jobs: