GRC Engineer – CSAM en ECS Federal

ECS is seeking a GRC Engineer – CSAM to work in our Bethesda, MD office.  

ECS Federal is seeking a GRC Engineer to operate and evolve the Federal Agency’s Cybersecurity Assessment and Management (CSAM) GRC platform. This full-time role blends engineering and operations to deliver day-to-day O&M, integrations, and reporting—while maturing authorization workflows toward Ongoing Authorization (OA). The engineer will also apply OSCAL skills as a required capability to support machine-readable compliance artifacts and audit-ready evidence.

Position Responsibilities:

• Serve as the GRC Engineer for CSAM GRC O&M: platform configuration, upgrades/patching, role management, troubleshooting, and performance tuning.
• Design, deploy, and manage cybersecurity systems, management software, and reporting software that integrate with CSAM.
• Build and run data pipelines from discovery/CMDB/vulnerability tools into CSAM; enforce normalization and boundary mappings.
• Manage sensors and supporting components (tuning, updates, installation).
• Assist with development and updates to cybersecurity and computer usage policies reflected in CSAM workflows.
• Advance OA by embedding continuous monitoring evidence, automated control assessments, and risk scoring into CSAM processes.
• Administer supporting Linux/Windows infrastructure and coordinate with platform, network, and database teams.
• Respond to incidents and support remediation, ensuring platform artifacts and reports are complete and defensible for auditors.
• Produce clear, concise documentation (runbooks, SOPs, data dictionaries, mappings, and change records).

Salary Range: $120,000 - $140,000

General Description of Benefits