Security and Cloud Engineer Rockville, MD

ASSYST is seeking an experienced Security Engineer / Network Security Administrator to support secure system design, implementation, and operations across the System Development Life Cycle (SDLC). This role integrates Dev Sec Ops  and security-by-design principles while ensuring the protection of enterprise infrastructure in on-premises, cloud, and hybrid environments.

The ideal candidate will be responsible for designing and implementing security controls, maintaining secure network segmentation, and supporting architecture reviews to ensure compliance with federal security standards. The position also requires expertise in firewall management, Zero Trust Architecture (ZTA), identity and access management, encryption, logging, and monitoring solutions.

• Integrate security controls and Dev Sec Ops  practices throughout the SDLC.
• Manage and maintain securely configured firewalls in segmented network environments to enforce least privilege access.
• Maintain network segmentation to isolate high-risk systems within restricted subnets.
• Support secure configuration of operating systems, databases, networks, and cloud services.
• Develop and maintain security architectures aligned with enterprise architecture standards.
• Support system and solution architecture reviews to ensure security controls are properly designed and implemented.
• Evaluate systems and architectures for compliance with NIST SP 800-53, NIST SP 800-37, and NIST SP 800-160.
• Assist in implementing Zero Trust Architecture (ZTA) principles.
• Provide guidance on Identity, Credential, and Access Management (ICAM), encryption, logging, and monitoring solutions.
• Ensure network logging and monitoring comply with OMB M-21-31 federal logging requirements.
• Security Architecture Diagrams
• Risk Mitigation Recommendations
• Security Engineering Design Documents
• Control Implementation Evidence

• Experience in security engineering and architecture across the SDLC.
• Strong knowledge of network security, firewall management, and network segmentation.
• Experience securing on‑premises, cloud, and hybrid infrastructure environments.
• Familiarity with Zero Trust Architecture (ZTA) and ICAM.
• Knowledge of NIST security frameworks (SP 800‑53, SP 800‑37, SP 800‑160).
• Understanding of federal logging requirements (OMB M‑21‑31).

ASSYST is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin or any other characteristic protected under federal, state, or applicable local law.