Endpoint Security Engineer bei RIVA Solutions Inc.
RIVA Solutions Inc. · Washington, Vereinigte Staaten Von Amerika · Hybrid
- Senior
- Optionales Büro in Washington
Location: Washington, DC – Hybrid to Remote Schedule
Terms: Full-Time
Clearance: Must a US Citizen and be able to obtain and maintain a Public Trust clearance
That’s RIVA. Our employee-first approach has manifested a culture that attracts the best and brightest. By investing in people first and providing a flexible work environment, our employees have higher morale, higher productivity rates, and lower turnover. At RIVA, people are our #1 priority.
- Engineer security solutions for endpoint hardware, software, and services in compliance with NIST SP 800-53, 800-207 (Zero Trust), FedRAMP, DISA STIGs, and FIPS standards.
- Analyze and refresh government-furnished security systems and assets.
- Conduct reviews of network configurations and firewall rules; deliver recommendations for security improvements.
- Safeguard Personally Identifiable Information (PII) per NIST SP 800-122.
- Ensure SIEM log forwarding and support audit requirements.
- Track and assess CVE/KEV threats from CISA.
- Deliver technical and executive reports on vulnerabilities, remediation plans, and risk ratings.
- Monitor and ensure compliance with CISA Binding Operational Directives (BODs).
- Present findings and mitigation strategies to stakeholders.
- Support a variety of endpoint devices including desktops, laptops, tablets, and mobile phones.
- Design endpoint engineering plans, integration procedures, and compliance tests.
- Maintain SOPs, system security documentation, and support SSPs, POA&Ms, and penetration test reports.
- Mitigate high-risk vulnerabilities within 30 days and moderate-risk vulnerabilities within 90 days.
- Collaborate with HHS OIG teams to respond to incidents and escalations.
- Bachelor’s degree in Information Systems, Computer Science, Engineering, or related field (or equivalent experience).
- 8+ years in IT security engineering, endpoint security, vulnerability management, and C&A processes.
- Deep familiarity with federal IT security frameworks and compliance standards including:
- NIST SP 800 series (800-53, 800-122, 800-207, etc.)
- FedRAMP
- FISMA
- FIPS 140-2/201-2
- CISA Binding Operational Directives (BODs)
- Demonstrated experience in endpoint security design, CVE/KEV vulnerability tracking, and SIEM integration.
- Strong technical writing and presentation skills, particularly for executive audiences.
- Master’s degree in Cybersecurity or related field.
- Industry certifications such as CISSP, CISM, CISA, CEH, Security+.
- Experience supporting cybersecurity efforts within HHS, DoD, or other federal agencies.
- Proficiency in Zero Trust Architecture, EDR, and vulnerability management platforms.
- Health, Dental, and Vision Coverage
- Life Insurance
- Retirement Benefits / 401K with Company Match
- HSA/FSA Spending Accounts
- Long- and Short-Term Disability
- Pet Insurance
- Wellness Program Initiatives
- RIVA Flex
- Additional Workplace Benefits