Apply on Employer Site

Gauss Management Research & Engineering (GMRE Inc.) · 1 day ago

Cybersecurity Engineer

South Ogden, UT

Full-time

Onsite

Mid Level

3+ years exp

Gauss Management Research & Engineering (GMRE Inc.) is a small veteran-owned company that focuses on providing high-quality engineering and technical services. They are seeking a Cybersecurity Engineer to protect systems, networks, and data, ensuring compliance with federal cybersecurity frameworks while integrating security into enterprise systems operations.

AerospaceInformation TechnologyMechanical Engineering

Growth Opportunities

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Design, develop, and implement security solutions for enterprise infrastructure to protect against threats and prevent unauthorized access, use, or disclosure of information

Design and review secure system architectures, and harden operating systems, applications, and networks to meet DoD baseline security requirements

Monitor security alerts and events, investigate incidents, perform root-cause analysis, and support coordinated incident response and recovery activities

Deploy, configure, and manage cybersecurity tools and platforms — including SIEM solutions, intrusion detection/prevention systems, endpoint protection, and vulnerability management tools — while automating, monitoring, and reporting

Conduct vulnerability scans, penetration tests, and security assessments, and ensure that remediation activities are properly implemented and validated

Perform application security reviews, conduct code analysis, and support secure software development (DevSecOps) practices to identify and mitigate vulnerabilities in applications

Design and enforce network security architectures — including firewalls, VPNs, intrusion prevention systems, network segmentation, and zero-trust models — to safeguard mission-critical environments

Manage and monitor endpoint security, mobile device protection, and encryption solutions to secure systems processing of Controlled Unclassified Information (CUI)

Ensure secure configuration of servers, workstations, applications, and network devices, and oversee patch management processes to reduce vulnerabilities and meet defined remediation timelines

Develop, maintain, and update cybersecurity compliance documentation — including System Security Plans (SSPs), Plans of Action & Milestones (POA&Ms), policies, and procedures — to ensure alignment with DFARS, NIST, CMMC, and ISO 27001 requirements

Conduct and support internal and external security audits, perform control assessments, and participate in continuous monitoring activities to demonstrate compliance with NIST SP 800-171, NIST SP 800-53, DFARS, CMMC, and ISO 27001

Continuously research and evaluate emerging threats, vulnerabilities, technologies, and defensive techniques, and recommend proactive measures to strengthen the organization’s cybersecurity posture

Qualification

Cybersecurity principlesNIST complianceVulnerability managementSIEM toolsISO 27001Penetration testingNetwork securityCompTIA Security+CompTIA CySA+CISSPCommunication skillsOrganizational skillsTeam collaborationFlexibilityAttention to detail

Required

Strong understanding of cybersecurity principles, best practices, Department of Defense (DoD), and ISO 27001 security requirements

Experience with NIST special publications, ISO 27001, risk management, and similar compliance standards

Vulnerability management at an enterprise level

Tools management; SIEM, SOAR, Penetration Testing, End-point management

Excellent written and verbal communication skills, with the ability to convey complex information to both technical and non-technical audiences

Strong organizational skills and keen attention to detail

Ability to work effectively in cross-functional teams and build collaborative, positive working relationships

Flexibility and adaptability to changing priorities, evolving threats, and dynamic mission requirements

Bachelor's degree in Cybersecurity, Computer Science, Information Technology

Minimum of three (3) years of relevant experience in cybersecurity and information security

Experience performing cybersecurity hardening in Microsoft Azure

Experience working with security tools and technologies such as SIEM platforms, intrusion detection/prevention systems (IDS/IPS), and vulnerability scanners

Experience in NIST 800-171 and ISO 27001

Strong understanding of security protocols, cryptography, and network security principles

Required certification: CompTIA Security+ - Must be in Active status

Must have ability to obtain and maintain an active U.S. SECRET clearance and be subject to a government security investigation

Driving or renting a car for company business is expected with some frequency. For insurance purposes, a valid driver's license is required

Prolonged periods of sitting at a desk and working on a computer

Must be able to lift to 25 pounds at a time

Must be able to safely climb and work from ladders

Occasional travel - You may be expected to travel for this position for meetings, trainings, and/or site visits