Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
eSimplicity

Senior Security Engineer

eSimplicity

Senior Security Engineer at eSimplicity maintaining security controls for cloud environments. Responsible for ensuring compliance with federal security standards and mentoring teams.

Posted 6/9/2026full-timeRemote • Maryland • 🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies
AWSCloudJenkinsPythonSplunkTerraform

About the role

Key responsibilities & impact
  • Designing, implementing, and maintaining security controls across the Salesforce-based MESH platform and AWS cloud environment in accordance with CMS Acceptable Risk Safeguards (ARS) 5.1, FedRAMP Moderate, and NIST SP 800-53 Rev 5
  • Embedding security into the DevSecOps CI/CD pipeline by integrating SAST, DAST, IAST, and software composition analysis tools (e.g., Snyk, AppOmni, Tenable, AWS Security Hub) into GitHub Actions and Copado workflows
  • Operating the end-to-end vulnerability management lifecycle including detection, triage, prioritization, remediation tracking, and reporting; ensuring critical and high findings are remediated within CMS/HHS-defined timeframes
  • Performing and documenting Security Impact Analyses (SIAs) for proposed changes to the MESH platform and integrations such as T-MSIS, MBES/MacFin, Microsoft 365, and CMS DataConnect
  • Authoring, maintaining, and updating Authority to Operate (ATO) artifacts in CFACTS, including System Security Plans (SSPs), POA&Ms, Privacy Impact Assessments, Contingency Plans, and Incident Response Plans
  • Hardening Salesforce GovCloud configurations by enforcing role-based access, permission sets, OAuth/MFA, and Salesforce Shield controls; reviewing third-party AppExchange packages for security risk prior to installation
  • Configuring and tuning continuous monitoring and detection tooling (Splunk, AWS GuardDuty, CloudTrail, Security Hub) and leading incident response from detection through post-mortem review
  • Leading least-privilege access reviews and identity lifecycle workflows across CMS IDM/Okta, EUA, AWS IAM, Salesforce, and CI/CD pipelines; automating recurring access reviews and onboarding/offboarding tasks
  • Building dashboards and reports in Splunk, Power BI, or Jira that give CMS leadership and product teams visibility into vulnerabilities, compliance posture, access reviews, and audit readiness
  • Translating CMS, HHS, and federal AI governance requirements into actionable secure design patterns for AI/ML capabilities embedded in MESH (e.g., AI-assisted submission analysis, NLP search, predictive analytics)
  • Participating in Agile ceremonies as a security subject matter expert, ensuring user stories include clear security acceptance criteria and that security enablers are represented in the team Definition of Done
  • Mentoring developers, QA, and DevOps engineers on secure coding practices (OWASP ASVS), threat modeling, and continuous compliance
  • Cooperating with CMS-directed audits, penetration tests, and 3PAO assessments; coordinating responses to agency security data calls within required timeframes

Requirements

What you’ll need
  • All candidates must pass public trust clearance through the U.S. Federal Government.
  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline
  • 8+ years of hands-on security engineering experience supporting cloud-hosted federal information systems
  • Demonstrated experience implementing and maintaining ATOs under CMS or HHS, including authoring SSPs, POA&Ms, and continuous monitoring artifacts in CFACTS or equivalent GRC tooling
  • Strong working knowledge of NIST RMF, NIST SP 800-53 Rev 5, FedRAMP Moderate baseline, and CMS ARS 5.1 controls
  • Hands-on experience with AWS security services (IAM, GuardDuty, CloudTrail, Security Hub, KMS, Config) and Salesforce security best practices (profiles, permission sets, Salesforce Shield, OAuth/MFA, AppOmni)
  • Experience integrating security gates into CI/CD pipelines using GitHub Actions, Copado, Jenkins, Terraform, or equivalent
  • Hands-on configuration and tuning of vulnerability and security testing tools such as Snyk, Tenable Nessus, Invicti, OWASP ZAP, AppOmni, and Splunk
  • Hands-on scripting and automation skills (Python, Bash, PowerShell, REST APIs)
  • Working knowledge of FIPS 140 validated encryption, HIPAA, the Privacy Act of 1974, and Section 508 considerations as they apply to federal information systems
  • Experience with Atlassian Jira and Confluence and CMS-style agile delivery environments

Benefits

Comp & perks
  • medical, dental, and vision coverage
  • 401(k) retirement benefits
  • paid time off
  • paid holidays
  • life and disability insurance
  • additional wellness and employee support programs

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
security engineeringcloud securityvulnerability managementsecurity impact analysisDevSecOpssecure coding practicesscriptingautomationcontinuous monitoringincident response
Soft Skills
mentoringcollaborationcommunicationleadershipproblem-solvingagile methodologyattention to detailorganizational skillscritical thinkingtime management