
Senior Cyber Security Engineer - Washington, DC

Constellis
dental insurance, paid holidays, 401(k), retirement plan
United States, D.C., Washington
Feb 27, 2026

About Constellis & LEXSO



Constellis delivers integrated risk management and security solutions that protect people, infrastructure, and operations worldwide. LEXSO (Layered Extended Security Operations) is Constellis' advanced, sensor-agnostic integration platform designed to respond at the speed of sensing. While remaining sensor agnostic, we fuse, for example, LiDAR, radar, cameras, UAS, access control systems, Counter-UAS systems, and AI detection into a unified operational platform that protects critical national infrastructure.



We are seeking a hands-on Senior Cyber Security Engineer to lead the security architecture, compliance, and DevSecOps implementation for the LEXSO platform.



Position Overview



The Senior Cyber Security Engineer will bridge the gap between "Compliance" and "Engineering." You will not just audit the system; you will help build it securely. This role is responsible for achieving Authority to Operate (ATO) under DoD Risk Management Framework (RMF) standards, among other federal certifications, while embedding security automation directly into our CI/CD pipelines. You will work side-by-side with backend and frontend engineers to harden the microservices architecture against evolving threats.



Responsibilities



  • Lead the technical execution of the RMF process to achieve and maintain Authority to Operate (ATO) for the LEXSO platform
  • Implement security controls in accordance with NIST SP 800-53 and DoD SRG/STIGs
  • Generate and maintain artifacts required for eMASS, including SSPs, POAMs, and SARs
  • Conduct self-assessments using ACAS (Nessus) and SCAP Compliance Checker (SCC) to identify vulnerabilities
  • Integrate automated security testing (SAST/DAST) tools (e.g., SonarQube, OWASP ZAP) into the GitLab/GitHub CI/CD pipeline


  • Develop scripts (Python, Bash, Ansible) to automate patching and configuration management for Linux (RHEL/Ubuntu) servers
  • Implement Container Security scanning for Docker/Kubernetes environments to detect vulnerabilities before deployment
  • Enforce "Security as Code" principles using Terraform or Helm charts


  • Analyze vulnerability scan results and write the code/scripts to remediate findings (e.g., fixing SSH configurations, patching libraries, hardening NGINX)
  • Harden APIs and microservices by implementing secure authentication (OAuth2/JWT/mTLS) and encryption standards (FIPS 140-2)
  • Respond to zero-day threats and CVEs by rapidly deploying hotfixes to the production environment


  • Conduct threat modeling sessions with the engineering team to identify attack vectors in the multi-sensor architecture
  • Design and implement secure logging and auditing pipelines (ELK Stack/Splunk) to meet audit requirements
  • Advise on the secure architecture for integrating third-party sensors (LiDAR, Radar) and IoT devices



Qualifications




  • 8+ years of experience in Cyber Security Engineering or DevSecOps.
  • Proven track record of achieving ATO (Authority to Operate) for a software system in a DoD/Federal environment
  • Hands-on experience with RMF, NIST 800-53, and DISA STIGs
  • Proficiency in scripting languages (Python, Bash) for automation (This is a coding role, not just an auditing role)
  • Experience with vulnerability scanning tools (ACAS/Nessus, SonarQube, Burp Suite)
  • Strong knowledge of Linux Security (SELinux, iptables, hardening)
  • Experience with CI/CD tools (GitLab CI, Jenkins) and Container Security (Docker/K8s)

  • Certifications (Must meet DoD 8570 IAT Level II/III):

    • CISSP, CASP+, or Security+ CE (Required)

  • Active Secret Security Clearance
  • Bachelor's degree in Computer Science, Cyber Security, or related technical discipline.
  • Preferred Experience:

    • Experience securing cloud environments (AWS GovCloud / Azure Government)
    • Experience with FedRAMP authorization processes
    • Familiarity with "Zero Trust" architecture principles
    • Previous experience as a Software Developer before moving into Security





BENEFITS



Constellis offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflect its commitment to creating a diverse and supportive workplace.




  • Medical, Vision & Dental Insurance
  • Paid Time-Off Program & Company Paid Holidays
  • 401(k) Retirement Plan
  • Insurance: Basic Life & Supplemental Life
  • Health & Dependent Care Flexible Spending Accounts
  • Short-Term & Long-Term Disability
  • Personal Development & Learning Opportunities
  • On-the-job Training, Skills Development & Certifications
  • Employee Referral Program
  • Corporate Sponsored Events & Community Outreach



WORKING CONDITIONS



Work is typically based in a busy office environment and subject to frequent interruptions. Business work hours are Monday-Friday from 8:00 am to 5:00 pm; however, some extended or weekend hours may be required.



PHYSICAL REQUIREMENTS



May be required to lift and carry awkward items weighing up to 25 lbs. Requires intermittent standing, walking, sitting, squatting, stretching and bending throughout the workday.

In an ever-changing and complex world, security concerns are paramount. Enhanced security requires education, training, and specialized skills. Constellis provides end-to-end risk management and comprehensive security solutions to safeguard people and infrastructure globally. Our team of strategic problem solvers has a steadfast moral compass and unwavering dedication to creating a safer world. Constellis is committed to the success of our customers and partners. Constellis protects critical priorities safely and efficiently around the world. Operating globally and based in the Washington D.C. area, our employees bring unparalleled dedication and passion for creating a safer world and upholding the highest standards of compliance, quality, and integrity. As a leading global provider of risk management, security, humanitarian, training and operational support services to government and commercial customers worldwide, Constellis' forward-thinking solutions include a range of synergistic services, including background investigations, social intelligence tools, advanced training, logistics and life support, UAV and K9 services, and crisis response mitigation. At Constellis, our number one priority is to secure success for our customers. For more information, visit http://www.constellis.com


EEOC Statement
Constellis and its affiliated companies are equal opportunity employers. All applicants receive consideration without regard to race, color, sex, age, ethnicity, religion, national origin, disability, veteran status or any other characteristic prohibited by federal, state, or local law.