SECURITY ENGINEER II

Job Description

Job Description

About the Role

Triple Point Security is seeking a mid-level Security Engineer to support the implementation, operation, and continuous improvement of security capabilities across our federal, state, local, and commercial client engagements. Working within a team of cybersecurity professionals, the Security Engineer will contribute to a range of activities including security assessments, vulnerability management, security tool deployment, and compliance support. This role is well-suited for a technically capable engineer with hands-on IT security experience and strong communication and collaboration skills who is looking to grow their career within a specialized, fast-moving cybersecurity consulting firm and mentor junior team members.

Required Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience)
• 4–7 years of experience in cybersecurity engineering, IT security operations, or a related technical role
• Hands-on experience with security tools such as SIEMs, vulnerability scanners, EDR/XDR platforms, and network security monitoring solutions
• Experience supporting or conducting risk and vulnerability assessments (RVAs) in federal, state, and local government IT environments
• Solid understanding of network security fundamentals, authentication protocols, and access control models
• Hands-on experience with endpoint network configuration, application installation, virtualization, and troubleshooting
• Strong written and verbal communication skills, including the ability to document technical findings clearly
• Working knowledge of NIST SP 800-53, FISMA, and federal security compliance requirements
• Must be a U.S. citizen eligible for a federal security clearance

Preferred Qualifications

• Experience with cloud security operations in AWS, Azure, or GCP environments
• Familiarity with Zero-Trust Architecture (ZTA) concepts and implementation
• Exposure to DevSecOps practices and secure software development lifecycles
• Experience working within or supporting government agencies
• Prior experience in a consulting or managed security services environment

Clearance & CertificationsClearance

• Active Public Trust preferred
• Must be a U.S. citizen and eligible to obtain or maintain a federal security clearance

Certifications (Required or Preferred)

• CompTIA Security+ — Required (or equivalent DoD 8570/8140 baseline certification)
• CompTIA CySA+, CEH, or GIAC GSEC — Preferred
• Cloud security certification (AWS Associate-level or Specialty, AZ-104, or GCP Professional-level) — Preferred
• CISSP or CAP — A plus for candidates at the upper end of the experience range

Responsibilities

• Support the deployment, configuration, and operation of security tools and platforms across client environments
• Conduct and assist with vulnerability assessments, remediation verification, penetration testing support, and security control reviews
• Document technical findings, remediation recommendations, and security assessment results using clear, concise, and actionable written communication
• Contribute to continuous monitoring activities and support clients in maintaining their security posture
• Monitor security events, analyze alerts, and participate in incident response activities
• Assist in the development and maintenance of system security plans (SSPs), POA&Ms, and other compliance documentation
• Collaborate with system owners, architects, engineers, and program managers to implement security requirements across client systems in dynamic team environments
• Support ATO (Authority to Operate) processes, including evidence collection and control validation
• Communicate technical information effectively across different stakeholder groups using clear, concise, and actionable written and verbal communication

Skills

The ideal candidate is technically hands-on and detail-oriented, with the flexibility to move between security operations, compliance support, and client-facing deliverable production. They bring a strong foundational understanding of security requirements and frameworks and are motivated to deepen their expertise across Triple Point’s service areas — including ZTA, DevSecOps, and secure cloud and AI adoption — as they grow within the firm. They are a strong collaborator, effective communicator, and independent problem-solver eager to learn new technologies and grow their existing skills.

About Triple Point Security

Triple Point Security is a technical cybersecurity and cloud security firm that provides highly specialized services to organizations with complex, hybrid IT environments. We have experienced tremendous growth through our Zero-Trust Architecture (ZTA), DevSecOps, and secure AI adoption services and are looking to continue this momentum with our cloud service provider, technology, and teaming partners.

Our professionals possess public sector experience in the Department of Health and Human Services (HHS), Department of Defense (DOD), and Department of Justice (DOJ). They also possess private sector experience in telecommunications, finance, managed service providers, and Internet infrastructure. We combine our technical knowledge with best practices from the public and private sectors and apply them to IT security solutions and services that support our clients in achieving their business and mission objectives.