Senior Cybersecurity Engineer

Join a team where innovation meets mission. Our AI, cloud, cyber, and modernization solutions save agencies thousands of hours, safeguard national security, and strengthen health and humanitarian missions worldwide. With 1,700+ team members, 1,500+ AI/data experts, and 100+ prime contracts, we deliver at scale and with purpose.

We've been recognized as a Top Workplace by the Washington Post for six straight years and named to the Inc. 5000 Fastest Growing Private Companies 13 of the past 14 years. Credence is a welcoming home for those looking to grow and contribute to positive change. We encourage all employees to expand beyond their boundaries, dive into important world-changing Federal challenges.

Position Summary

Credence has an immediate need for a highly skilled and experienced Cybersecurity Engineering professional to support government cybersecurity oversight and the onboarding of new tools for government customers. In this role, you will lead a security team responsible for daily Security Operations (SecOps) activities, including proactive threat hunting, continuous monitoring and analysis of security alerts, vulnerability management across both on-premises and cloud environments, and formal reporting to the program management office and government stakeholders. Additionally, the qualified candidate will provide oversight of certification and accreditation (C&A) activities for existing technologies as well as new tools and platforms introduced into the target environment, ensuring alignment with federal cybersecurity and compliance requirements.

Responsibilities:

• Ensure the architecture and design of cloud-hosted IT systems are secure and meet DoD requirements
• Review Cloud security policy and provide recommendations for improvement to enhance the security posture within the cloud as well as the ability to meet protection, detection, monitoring, and response requirements for systems and data.
• Apply knowledge of current advances in cloud security engineering and cloud security threats to provide support for the deployment of programs and applications.
• Provide input to programs throughout the process of deployment to ensure systems meet DoD compliance requirements.
• Provide guidance to assessment staff in the performance of Cybersecurity Vulnerability Assessments as related to cloud hosting environments.
• Lead and mentor a cybersecurity team by providing technical leadership, strategic direction, and day-to-day management of security operations in support of mission and program objectives.
• Execute certification and accreditation (C&A) activities, including detailed review and validation of security artifacts within Governance, Risk, and Compliance (GRC) tools to ensure compliance with applicable federal frameworks and policies.
• Manage, prioritize, and oversee cybersecurity incidents, findings, and remediation activities, ensuring timely investigation, escalation, resolution, and reporting in accordance with established SLAs and program requirements.
• Assess and evaluate novel and emerging technologies for security compliance, risk posture, and operational suitability prior to deployment within government environments.
• Ensure compliance with vulnerability management processes by overseeing continuous scanning, analysis, prioritization, remediation, and verification across on-premises systems and cloud-based infrastructure.
• Review, track, and execute Plans of Action & Milestones (POA&M), coordinating with engineering teams, system owners, and government stakeholders to mitigate risk and close findings within required timelines.
• Provide technical guidance and oversight for cloud security implementations, including secure architecture design, control inheritance, boundary definitions, and integration with enterprise security tooling.
• Support the implementation and maturation of Zero Trust tenants and architectures, ensuring alignment with federal Zero Trust principles, reference architectures, and agency-specific guidance.
• Provide ongoing analysis and guidance on the evolving cyber threat landscape, including adversary tactics, techniques, and procedures (TTP), to support proactive defense and risk-based decision-making

Join a team where innovation meets mission. Our AI, cloud, cyber, and modernization solutions save agencies thousands of hours, safeguard national security, and strengthen health and humanitarian missions worldwide. With 1,700+ team members, 1,500+ AI/data experts, and 100+ prime contracts, we deliver at scale and with purpose.

We've been recognized as a Top Workplace by the Washington Post for six straight years and named to the Inc. 5000 Fastest Growing Private Companies 13 of the past 14 years. Credence is a welcoming home for those looking to grow and contribute to positive change. We encourage all employees to expand beyond their boundaries, dive into important world-changing Federal challenges.

Position Summary

Credence has an immediate need for a highly skilled and experienced Cybersecurity Engineering professional to support government cybersecurity oversight and the onboarding of new tools for government customers. In this role, you will lead a security team responsible for daily Security Operations (SecOps) activities, including proactive threat hunting, continuous monitoring and analysis of security alerts, vulnerability management across both on-premises and cloud environments, and formal reporting to the program management office and government stakeholders. Additionally, the qualified candidate will provide oversight of certification and accreditation (C&A) activities for existing technologies as well as new tools and platforms introduced into the target environment, ensuring alignment with federal cybersecurity and compliance requirements.

Responsibilities:

• Ensure the architecture and design of cloud-hosted IT systems are secure and meet DoD requirements
• Review Cloud security policy and provide recommendations for improvement to enhance the security posture within the cloud as well as the ability to meet protection, detection, monitoring, and response requirements for systems and data.
• Apply knowledge of current advances in cloud security engineering and cloud security threats to provide support for the deployment of programs and applications.
• Provide input to programs throughout the process of deployment to ensure systems meet DoD compliance requirements.
• Provide guidance to assessment staff in the performance of Cybersecurity Vulnerability Assessments as related to cloud hosting environments.
• Lead and mentor a cybersecurity team by providing technical leadership, strategic direction, and day-to-day management of security operations in support of mission and program objectives.
• Execute certification and accreditation (C&A) activities, including detailed review and validation of security artifacts within Governance, Risk, and Compliance (GRC) tools to ensure compliance with applicable federal frameworks and policies.
• Manage, prioritize, and oversee cybersecurity incidents, findings, and remediation activities, ensuring timely investigation, escalation, resolution, and reporting in accordance with established SLAs and program requirements.
• Assess and evaluate novel and emerging technologies for security compliance, risk posture, and operational suitability prior to deployment within government environments.
• Ensure compliance with vulnerability management processes by overseeing continuous scanning, analysis, prioritization, remediation, and verification across on-premises systems and cloud-based infrastructure.
• Review, track, and execute Plans of Action & Milestones (POA&M), coordinating with engineering teams, system owners, and government stakeholders to mitigate risk and close findings within required timelines.
• Provide technical guidance and oversight for cloud security implementations, including secure architecture design, control inheritance, boundary definitions, and integration with enterprise security tooling.
• Support the implementation and maturation of Zero Trust tenants and architectures, ensuring alignment with federal Zero Trust principles, reference architectures, and agency-specific guidance.
• Provide ongoing analysis and guidance on the evolving cyber threat landscape, including adversary tactics, techniques, and procedures (TTP), to support proactive defense and risk-based decision-making

• Must possess IT-I Critical Sensitive security clearance/ Tier 5 (T5) with the ability to maintain eligibility throughout employment.

• Bachelor's degree in Computer Science, Information Technology, Business, or a related field, with relevant professional experience considered in lieu of formal education where appropriate.
• 5+ years of progressive experience in cybersecurity, including demonstrated success supporting or leading security operations, compliance initiatives, and complex enterprise security implementations.
• Proven expertise with GRC platforms such as eMASS, Archer, ArcAngel, or similar tools, including experience managing security controls, compliance artifacts, assessments, and authorization packages.
• At least two (2) years of experience achieving ATOs in a cloud environment (e.g., OCI, AWS, GCP, Azure)
• At least five (5) years of experience achieving ATOs for compartment DoD IT systems
• Must possess a current Cloud certification (e.g., OCI, AWS, GCP, Azure)
• Extensive knowledge of FedRAMP assessment methodology
• Proven experience working with OCI and enterprise DoD IT
• Strong hands-on experience with cybersecurity operations, including incident response, threat detection, vulnerability management, and continuous monitoring in regulated or government environments.
• Experience working within the Software Development Life Cycle (SDLC), including integration of security controls, documentation, and risk management activities across all phases of development.
• Familiarity with Agile and DevSecOps methodologies, and the ability to collaborate effectively with engineering, operations, and program management teams.
• Solid understanding of enterprise cybersecurity architectures, security control implementation, access control models, and data protection principles in on-premises, cloud, and hybrid environments.
• Excellent problem-solving, analytical, and communication skills, with the ability to translate complex technical and risk concepts into clear, actionable guidance for non-technical stakeholders.
• Demonstrated ability to work independently and collaboratively in a fast-paced, mission-driven environment while managing competing priorities and maintaining attention to detail.

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Family Leave (Maternity, Paternity)
• Short Term & Long Term Disability
• Training & Development
• Work From Home
• Free Food & Snacks
• Wellness Resources