What are the responsibilities and job description for the Senior Security Engineer position at Earthling Security?
The Senior Security Engineer will serve as an architect-level security professional responsible for designing, engineering, and operationalizing end-to-end security visibility across complex federal environments. This role requires deep hands-on expertise across vulnerability management, security analytics, automation, and cloud security, with the ability to integrate and correlate data from multiple security and infrastructure platforms. The ideal candidate is not a traditional security analyst, but a senior engineer who can build scalable visibility models, enable compliance-driven reporting, and act as a technical bridge between security, cloud, operations, and leadership teams.
Environment
You will work within a dynamic, highly skilled team focused on solving complex security challenges through automation, advanced visibility modeling, and scalable security engineering. The environment emphasizes innovation, engineering rigor, and measurable impact across mission-critical systems, offering opportunities to work on high-visibility projects that directly support federal security and compliance objectives. All work must be performed on site in Bethesda, MD.
- Demonstrated ability to design and maintain cross-platform security visibility models spanning vulnerability management, endpoint security, logging platforms, cloud environments, and on-prem infrastructure
- Strong understanding of authoritative asset inventory, agent coverage validation, and vulnerability posture tracking in large enterprise or federal environments
- Proven experience correlating security telemetry across multiple tools and data sources to produce reliable operational and executive insights
- Deep hands-on expertise with Tenable Security Center and Nessus, including APIs, repositories, plugins, agent-based vs. remote scanning models, and scan architecture
- Ability to develop advanced vulnerability analytics beyond native UI capabilities
- Experience normalizing vulnerability data by plugin ID, asset attributes, operating system, and aging
- Strong capability in handling large-scale filtering challenges, including CIDR ranges, IP segmentation, and dynamic exclusions
- Advanced Splunk engineering expertise, including complex SPL development, large-scale filtering, and data normalization
- Experience building and maintaining production-grade Splunk XML dashboards for operational teams and executive leadership
- Proficiency with lookup-driven normalization, asset resolution, and enrichment workflows
- Ability to design daily snapshots, trending views, and compliance-oriented metrics with high data accuracy
- Strong proficiency in Python for security automation, analytics, reporting, and operational tooling
- Experience developing custom tools that integrate with security platform APIs to enrich, normalize, and operationalize data
- Ability to automate asset correlation, agent health validation, and multi-source data reconciliation
- Strong working knowledge of AWS and Azure cloud security, including logging, tagging strategies, and ephemeral resource tracking
- Experience aligning security telemetry and reporting with FedRAMP and OMB M-21-31 requirements
- Ability to translate compliance expectations into technical visibility and measurable controls
- Experience working in regulated federal environments with complex governance and compliance requirements
- Proven ability to collaborate across security, cloud, infrastructure, operations, and leadership teams
- Strong communication skills with the ability to translate technical findings into actionable insights for non-technical stakeholders