Job Description
Everforth ECS is seeking a Cybersecurity Engineer to work in our Ft. Meade, MD customer site in a full-time, onsite capacity.
Everforth ECS is seeking a Cybersecurity Engineer to support robust Impact Level (IL) 5 and IL6 programs in an operational DoD environment that houses multiple U.S. Coalition Mission Partner Environments (MPE). This role is heavily focused on serving as the primary ACAS and Trellix engineer responsible for enterprise vulnerability management, endpoint security operations, and maintaining the overall cyber security posture across multiple enclaves. The ideal candidate will have strong hands-on experience administering ACAS infrastructure, managing Trellix ESS through ePolicy Orchestrator (ePO), analyzing vulnerability and endpoint security data, and supporting remediation and compliance efforts in a highly regulated DoD environment.
In addition to ACAS and Trellix administration, the Cybersecurity Engineer will support security monitoring, incident response, vulnerability assessments, endpoint protection, and RMF/STIG compliance activities across cloud, hybrid, and on-premise environments. This role will work closely with infrastructure, operations, and mission partner teams to identify security risks, investigate threats, and ensure enterprise systems remain compliant and operationally secure.
This position is a demanding, high-energy role that requires strong technical expertise in vulnerability management, endpoint security, and cyber operations within classified and mission-critical environments. The ideal candidate has advanced technical acumen; strong analytical thinking and problem-solving skills; and the ability to independently manage and optimize enterprise ACAS and Trellix security operations. The Cybersecurity Engineer reports to the Senior Technical Program Manager and collaborates closely with technical peers.
Responsibilities:
- Act as the primary cyber operations POC for ACAS and Trellix operations within a secure DoD environment
- Serve as the primary SME for enterprise vulnerability management and Trellix endpoint security operations
- Administer and maintain ACAS infrastructure, including Nessus scanners, plugin updates, credentialed scans, and scan scheduling
- Produce ACAS vulnerability reports, metrics, and POA&M tracking artifacts supporting RMF compliance
- Administer and maintain the ESS platform, including ePO policy management, endpoint protection, and agent health
- Monitor and investigate Trellix endpoint alerts, suspicious activity, and security events
- Assist with tuning Trellix detections, exclusions, and alerting logic to reduce false positives
- Support vulnerability remediation efforts with infrastructure and MPE teams
- Monitor and configure alerts and security events within Microsoft Sentinel
- Maintain endpoint security configurations, updates, and compliance across enterprise systems
- Support RMF documentation, security assessments, and compliance activities
- Monitor overall system security posture and identify emerging risks
- Other duties, as assigned.