Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
True Zero Technologies, LLC

Lead Cyber Hygiene Engineer

True Zero Technologies, LLC

Lead Cyber Hygiene Engineer leading risk-based asset management for federal cybersecurity at True Zero Technologies. Overseeing vulnerability management, configuration management, and database hardening efforts.

Posted 4/29/2026full-time🇺🇸 United StatesSeniorWebsite

Tech Stack

Tools & technologies
AzureCloudCyber SecurityDynamoDBLinuxMongoDBMySQLNoSQLOraclePostgresPythonServiceNowSplunkSQL

About the role

Key responsibilities & impact
  • Oversee RBAM projects, schedules, milestones, and team execution
  • Facilitate meetings and brief leadership on status, risks, priorities, and progress
  • Lead and coordinate vulnerability management activities across enterprise systems, including vulnerability identification, prioritization, remediation tracking, and validation
  • Oversee remediation efforts by working with system owners, engineers, administrators, database teams, and other stakeholders to ensure timely and risk-informed mitigation
  • Apply knowledge of CVE, CVSS, NVD, and the CISA KEV catalog to support risk-based vulnerability prioritization and remediation sequencing
  • Establish, manage, and enforce configuration baselines across Windows, Linux, network, cloud, containerized, and database environments
  • Incorporate security configuration baselines into configuration management processes, including operating system image hardening, automation, audit, and compliance validation
  • Support configuration management practices aligned with NIST SP 800-128 and other applicable federal guidance
  • Coordinate database hardening activities across relational, NoSQL, and cloud-native database environments
  • Apply DISA STIGs, CIS Benchmarks, and hardening best practices to support secure database configuration and compliance
  • Assess on-premises and cloud-hosted database environments for security posture, hardening compliance, logging, encryption, data masking, and audit readiness.
  • Use scanning and validation tools to verify database hardening compliance and identify configuration gaps
  • Translate audit requirements into actionable technical configurations, remediation tasks, dashboards, reports, and evidence artifacts
  • Develop, modify, and maintain dashboards and reports in Splunk or similar SIEM platforms to support leadership visibility, operational tracking, and program performance.
  • Use enterprise ticketing systems such as ServiceNow to document findings, assign remediation actions, track progress, and support auditability
  • Support automation through scripting, Splunk searches, and repeatable workflows using tools such as Python, PowerShell, Bash, or similar technologies
  • Support DevSecOps and CI/CD pipeline activities by helping integrate vulnerability management, configuration validation, and hardening requirements into development and deployment processes.
  • Coordinate with technical teams to ensure remediation, configuration, and database security activities are properly documented and supported by evidence
  • Provide technical guidance to stakeholders on remediation priorities, configuration risk, database hardening, and cyber hygiene improvement.
  • Support recurring reporting on vulnerability trends, remediation progress, configuration compliance, database hardening status, operational gaps, and risk reduction.
  • Help mature the risk-based asset management program by improving processes, automation, reporting, evidence generation, and stakeholder coordination
  • Direct and support enterprise vulnerability scanning, analysis, remediation prioritization, and reporting
  • Guide the development and enforcement of secure configuration baselines across systems and platforms
  • Coordinate database hardening, patching, scanning, and compliance activities with stakeholders
  • Review cyber hygiene findings and translate results into actionable remediation plans
  • Support evaluation of new technologies and products through security review and software approval processes
  • Develop or enhance dashboards, reporting, and metrics to improve visibility into risk and remediation progress
  • Support process improvement, automation, and operational maturity efforts across the RBAM function
  • Ensure work products, reporting, and technical activities align with DHS, client, and federal cybersecurity expectations
  • Lead and coordinate vulnerability management, configuration management, and database hardening activities

Requirements

What you’ll need
  • Bachelor’s degree in Information Technology, Information Systems, Computer Science, Computer Engineering, Electrical Engineering, or related technical field; or equivalent additional experience
  • 7+ years of total professional experience
  • 5+ years of technical experience in vulnerability management, configuration management, database hardening, or related security operations
  • Experience leading technical teams or workstreams in dynamic environments
  • Strong experience managing vulnerability remediation efforts across enterprise environments
  • Experience using vulnerability scanning tools such as Tenable/Nessus
  • Strong experience establishing, maintaining, and enforcing configuration baselines
  • Familiarity with remediation practices across Windows, Linux, network devices, containers, and cloud platforms
  • Strong knowledge of CVE, CVSS, NVD, and the CISA KEV catalog
  • Strong knowledge of configuration management principles and secure baseline enforcement
  • Familiarity with DISA STIGs, CIS Benchmarks, and secure hardening practices
  • Experience with enterprise dashboards, reporting, and ticketing workflows
  • Experience with scripting and automation using tools such as Python, PowerShell, Bash, or similar
  • Experience with a wide range of database technologies including:
  • Relational databases: Oracle, PostgreSQL, MySQL, MS SQL
  • NoSQL Databases: MongoDB
  • Cloud-native databases: AmazonRDS, Azure SQL, DynamoDB
  • Familiarity with DevSecOps and CI/CD pipeline concepts
  • Ability to assess and secure on-premises and cloud-hosted database environments
  • Experience with audit logging, encryption, masking, and technical evidence generation for compliance needs
  • Strong written and verbal communication skills
  • One active certification such as CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable
  • One active Agile certification such as PMI-ACP, SAFe Agilist, CSM, or comparable

Benefits

Comp & perks
  • Competitive salary, paid twice per month
  • Best in class medical coverage
  • 100% of medical premiums covered by True Zero
  • Company wide new business incentive programs
  • Contribution Incentives (i.e. white papers, blog posts, internal webinars, etc.)
  • 3 weeks of PTO starting + 11 Paid Holidays Annually
  • 401k Program with 100% company match on the first 4%
  • Monthly reimbursement of Cell Phone and Home Internet costs
  • Paternity/Maternity Leave
  • Investment in training and certifications to broaden and deepen your technical skills

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
vulnerability managementconfiguration managementdatabase hardeningscriptingautomationaudit loggingencryptiondata maskingtechnical evidence generationrisk-based asset management
Soft Skills
leadershipcommunicationteam coordinationstakeholder managementprocess improvementtechnical guidancereportingoperational maturityrisk reductiondynamic environment adaptability
Certifications
CASPGSECGSLCCISSPCEHCISMCISAPMI-ACPSAFe AgilistCSM