Security Engineer

Everforth ECS is seeking a Security Engineer to work in our Portland, OR office. Please Note: This position is contingent upon contract award.

 

The Security Engineer supports the design, implementation, configuration, and maintenance of cybersecurity technologies, controls, and secure infrastructure capabilities across enterprise systems and security operations environments. This role helps ensure that systems, applications, networks, endpoints, and cloud environments are protected, monitored, hardened, and aligned with organizational security requirements. 

The ideal candidate has hands-on experience implementing and supporting security tools, troubleshooting technical security issues, applying secure configuration standards, and collaborating with SOC analysts, system administrators, network engineers, control assessors, and program stakeholders to improve the organization's security posture. 

 

Key Responsibilities 

Security Engineering & Implementation 

• Implement, configure, maintain, and support cybersecurity technologies, tools, platforms, and technical security controls. 

• Assist with engineering secure solutions for enterprise systems, networks, endpoints, cloud environments, applications, and operational support platforms. 

• Support security architecture decisions by providing implementation input, technical feasibility analysis, and operational considerations. 

• Apply security engineering practices across the system lifecycle, including planning, deployment, configuration, testing, operations, and sustainment. 

System Hardening & Secure Configuration 

• Apply secure configuration baselines, hardening standards, and technical control requirements to servers, endpoints, network devices, applications, and cloud services. 

• Review system configurations, permissions, authentication settings, logging settings, encryption settings, and access controls for alignment with security requirements. 

• Support implementation of vulnerability remediation, configuration changes, patching activities, and risk reduction measures in coordination with system owners. 

• Validate that security controls are operating as intended and support remediation when control gaps or technical weaknesses are identified. 

Security Tool Support & Integration 

• Support deployment, tuning, and sustainment of tools such as SIEM, EDR, vulnerability scanners, firewalls, IDS/IPS, email security, identity security, logging, and monitoring platforms. 

• Integrate security tools with enterprise systems, data sources, ticketing systems, dashboards, identity platforms, and incident response workflows. 

• Troubleshoot tool performance, connectivity, data collection, alerting, agent health, policy enforcement, and integration issues. 

• Coordinate with SOC analysts, Splunk engineers, threat hunters, and system administrators to ensure security tooling supports monitoring, investigation, and response requirements. 

Vulnerability, Risk & Remediation Support 

• Analyze vulnerability scan results, configuration findings, security alerts, and control weaknesses to support prioritization and remediation planning. 

• Work with technical teams to identify root causes, validate remediation options, and confirm closure of vulnerabilities or security findings. 

• Support risk treatment activities by documenting technical constraints, compensating controls, residual risk, and remediation status. 

• Assist control assessors and assessment leads by providing technical evidence, configuration details, screenshots, logs, and implementation explanations. 

Incident Response & Operational Support 

• Provide technical engineering support during security incidents, investigations, containment activities, eradication efforts, and recovery actions. 

• Assist with log collection, tool validation, endpoint or network containment actions, access changes, system isolation, and forensic preservation activities as directed. 

• Develop and maintain scripts, queries, automation, and repeatable procedures to improve security operations and engineering response efficiency. 

• Participate in after-action reviews and support implementation of technical improvements based on incident lessons learned. 

Documentation, Standards & Continuous Improvement 

• Develop and maintain technical documentation, configuration standards, diagrams, implementation guides, runbooks, and operational procedures. 

• Support change management, configuration management, asset documentation, and security engineering governance processes. 

• Recommend improvements to security tools, engineering processes, baselines, automation, monitoring coverage, and technical control implementation. 

• Stay current with emerging threats, security technologies, hardening guidance, and engineering best practices relevant to enterprise security environments.