Cyber Security Engineer

Job Description & Responsibilities

Persistent Systems is seeking a Cybersecurity Engineer to join our growing team. As a Cybersecurity Engineer, you will be a critical member of a support team for a Department of Defense program of record. The position will be based in Clearfield, UT. This Cybersecurity Engineer will possess strong core competencies in enterprise IT security, vulnerability management, and DoD compliance frameworks. Duties will include conducting cybersecurity analysis, vulnerability scanning, compliance assessment, and patch management for enterprise IT infrastructure including Windows systems, network devices, servers, and virtualized environments. This individual will play a pivotal role in maintaining the security posture of mission-critical infrastructure while enabling continuous authorization and operational readiness. 

Position Responsibilities 

• Conduct comprehensive cybersecurity analysis and remediation of enterprise IT devices including Windows workstations and servers, network switches and routers, virtualized infrastructure, and supporting systems 
• Develop, implement, and execute patch management processes to ensure timely application of security updates 
• Perform vulnerability and compliance scans using tools such as Nessus, ACAS, or similar platforms, analyze scan results, and prioritize remediation activities 
• Identify, test, and recommend additional hardening measures for enterprise systems based on known and emerging threats, industry best practices, and DoD Security Technical Implementation Guides (STIGs) 
• Develop and manage a Common Vulnerabilities and Exposures (CVE) mitigation process covering all enterprise IT devices in the system 
• Conduct log review and analysis from Windows Event Logs, network device logs, and security tools to identify potential security incidents or compliance issues 
• Support incident response plans by conducting technical analysis, containment actions, and forensic investigation as needed 
• Enable a DevSecOps model for device scanning and patch management through automation, integration with CI/CD pipelines, and continuous monitoring capabilities 
• Define and manage system and software changes to meet ATO/RMF requirements, including assessment of security impacts and documentation updates 
• Support the ISSM in the creation and maintenance of documentation for regular ATO renewal reviews, including System Security Plans, Risk Assessments, Plans of Action and Milestones, and security control testing results 
• Collaborate with system administrators and network engineers to implement security configurations, remediate vulnerabilities, and maintain compliance baselines 
• Apply STIG compliance standards to enterprise systems including Windows workstation and server environments, Cisco IOS, VMware/Hyper-V, and other commercial off-the-shelf (COTS) products 

Job Qualifications & Experience

Minimum Qualifications

• Four years of hands-on experience in cybersecurity operations, information technology, security engineering, vulnerability management, or related fields, or a related degree and two years of experience 
• Certification as required by DoD 8140 (e.g. Security+, CySA+, etc.) 
• Demonstrated experience with vulnerability scanning tools (Nessus, Qualys, Rapid7, ACAS) and interpreting scan results 
• Working knowledge of Windows server and desktop operating systems, Active Directory, Group Policy, and Windows security features, as well as routers, switches, and other network appliances and associated protocols 
• Familiarity with network security principles, including firewalls, VPNs, IDS/IPS, and secure network architectures 
• Experience applying DoD STIGs and security compliance frameworks to enterprise systems 
• Must be available to travel up to 25% of the time 
• Currently hold or have the ability to obtain United States Secret security clearance 

Preferred Qualifications  

• Bachelor’s or higher degree in Cybersecurity, Computer Science, or related technical field 
• Additional advanced certifications such as CISSP, CISM, or CASP+ 
• Four or more years of experience working with DoD organizations or defense contractors in cybersecurity roles 
• Knowledge of DoD cybersecurity policies, RMF processes, and EMASS workflows 
• Experience with virtualization security (VMware vSphere, Microsoft Hyper-V)  
• Proficiency with scripting languages (PowerShell, Python, Bash) for security automation and analysis 
• Experience with network monitoring and SIEM platforms (Splunk, PRTG, LogRhythm) for log analysis and security monitoring 
• Understanding of DevSecOps practices, CI/CD security integration, and infrastructure-as-code security 
• Experience with enterprise patch management solutions 

Total compensation for this role can vary from $117,000 to $141,000 a year based on individual qualifications. Eligibility for yearly discretionary bonus. Persistent Systems, LLC offers a comprehensive benefits package including medical, dental, vision, life, and disability insurance; paid time off (sick time and vacation time); flexible spending accounts; 401(k) plan with company match; fitness membership reimbursement; tuition assistance; mental health benefits; and pet discounts.

Company Overview

Persistent Systems is a growing business that develops Mobile Ad hoc Networking (MANET) wireless radio systems for Government and commercial applications. The radios are typically worn on the person, mounted to manned vehicles, integrated into autonomous unmanned vehicles, or installed at fixed sites. The systems provide on-the-move data, voice, video, and situational awareness capability. Located in the heart of New York City, Persistent Systems is an exciting company that is passionate about delivering cutting edge products.