Security Engineer, Associate

Location: Rockville, MD

Work Type: Hybrid Work (Minimum 2 days onsite - may extend based on client meetings, delivery needs, and proposal support)

Job Title: Security Engineer, Associate

Clearance: Public Trust

Job Summary: LCG is seeking multiple Security Engineer, Associates provides hands‑on cybersecurity engineering support for Client's enterprise security program, focusing on operating, maintaining, and troubleshooting mission‑critical security platforms across on‑premise and cloud environments. This role supports security tools operations and maintenance, vulnerability scanning and remediation validation, and continuous monitoring activities required under federal and HHS security mandates. The engineer will work closely with infrastructure teams, application teams, and tool vendors to ensure security technologies remain properly configured, patched, and integrated to support Client's overall security posture.

This position supports contract task requirements associated with IT Operations and Maintenance, continuous monitoring, and compliance/vulnerability scanning, while enabling effective operations for key platforms including SIEM, endpoint security, vulnerability scanning, IAM, PAM, and WAF technologies.

• Configure, operate, and maintain Client security tools to support daily security operations and compliance monitoring requirements.
• Perform administration tasks such as:

• Policy tuning, rule updates, and configuration baselines
• Agent onboarding/offboarding (where applicable)
• Log source integrations and data normalization for analytics tools

• Provide technical expertise and internal knowledge transfer (as needed) to ensure tools are operationally sustainable.

• Execute upgrades and patch management activities for security tools as vendor releases become available.
• Validate upgrade readiness and post‑upgrade health by confirming:

• Service availability and performance baselines
• Data ingestion pipelines remain intact (e.g., SIEM logging continuity)
• Rules/policies remain enforced after version changes

• Maintain upgrade documentation and assist in planning to align tool maintenance windows with operational priorities.

• Troubleshoot technical issues preventing security tools from functioning properly, coordinating with infrastructure teams and vendors as needed.
• Diagnose issues across common tool failure points such as:

• Authentication/SSO integration failures
• Certificate or TLS communication issues
• Ingestion pipeline breaks (forwarders, collectors, APIs)
• Endpoint agent connectivity / policy enforcement failures
• WAF routing/inspection issues impacting application availability

• Provide incident‑quality documentation capturing outage cause, fix actions, and hardening recommendations.

• Perform and coordinate internal and external scanning activities (monthly or as requested) using automated tools to assess the agency's security posture.
• Support scanning execution across:

• Network infrastructure and servers
• Web applications and external‑facing services
• Cloud‑hosted workloads and FedRAMP‑aligned environments

• Assist in tracking scan output, evidence, and remediation status using program‑defined governance tooling and reporting mechanisms.

• Validate remediation actions by verifying patched systems, updated configurations, and resolved vulnerabilities through rescans and evidence review.
• Assist with ensuring remediation efforts meet SAMHSA and HHS POA&M expectations by:

• Confirming closure criteria are met (technical + documentation)
• Supporting artifact gathering for audit readiness and compliance reporting

• Provide remediation guidance inputs to system owners and infrastructure teams as needed.

• Support security control monitoring activities aligned to federal continuous monitoring expectations (NIST SP 800‑137 approach).
• Assist with ongoing monitoring functions such as:

• Monitoring tool coverage and health status
• Verifyi…