CND Cybersecurity Engineer

June 25, 2025
  • Contract-To-Hire
  • Suffolk VA

TECHEAD

To Apply for this Job Click Here

Always Connecting, Always Evolving.

TECHEAD is seeking qualified applicants for the following Contract to Hire position – CND Cybersecurity Engineer / Suffolk VA – (JOB-21540). If you are looking for a new opportunity and this position looks to be a fit, please apply to see the TECHEAD difference that has made us successful for 30+ years!

You can find more about our team and values by checking us out at TECHEAD.com or on Glassdoor

Job Description:

Continuous Network Defense (CND) Cybersecurity Engineer

We’re looking for a highly skilled and experienced Continuous Network Defense (CND) Cybersecurity Engineer to join our team. In this role, you’ll be instrumental in protecting our network infrastructure by leveraging a suite of cutting-edge cybersecurity tools and strategies. You’ll act as the subject matter expert for our CND tools, ensuring robust defense against evolving cyber threats in compliance with all applicable DoD Instructions, policies, and regulations.

Key Responsibilities

As a CND Cybersecurity Engineer, you will:

  • Vulnerability Management: Utilize Tenable and Nessus to conduct regular vulnerability and discovery scans, analyze results, and develop effective mitigation strategies to reduce our overall risk.
  • Endpoint Security: Manage Trellix ePO to deploy and configure endpoint products (e.g., ENS, PA, DLP), enforcing security policies and responding to and mitigating potential threats.
  • Network Access Control: Implement ForeScout policies for our Comply-To-Connect (C2C) initiative, ensuring continuous compliance and quarantining unauthorized or non-compliant devices.
  • External Asset Monitoring: Monitor Cortex Xpanse to identify and assess external-facing assets, responding to alerts with corrective actions to mitigate findings.
  • Continuous Monitoring & Risk Scoring (CMRS): Ensure continuous data flow to the DoD’s CMRS system, including endpoint security data (Trellix), vulnerability and flaw remediation (Tenable), and security compliance data (ForeScout).
  • Intrusion Prevention: Configure, modify, and deploy security policies on Cisco Firepower Management Console (FMC) to enforce intrusion prevention (IPS) at the network security level.
  • DNS/DHCP Monitoring: Utilize and validate DNS and DHCP data within Infoblox, monitoring for anomalous records, unauthorized entries, and removing duplicate records.
  • Active Directory Auditing: Implement AD Audit Engine to detect and investigate anomalous, malicious, or malformed activity within Active Directory, identifying potential insider threats or compromised accounts.
  • Threat Hunting: Conduct proactive threat hunts and active/passive reconnaissance using network traffic analysis, heuristic analysis, and cybersecurity data analysis to identify and mitigate Indicators of Compromise (IoCs), misconfigured systems, and Advanced Persistent Threat (APT) actors.

Qualifications

Clearance

  • TS/SCI clearance is required.

Certifications (IAT Level III)

  • One of the following certifications is required:
    • CISA
    • GSE
    • SCNCA
    • CISSP (or Associate)
    • GCIH
  • You must also possess the following functional area training certificates:
    • DISA ACAS Operator Computer Based Training
    • Annual Cyber Awareness Training

Required Skills & Experience

  • A Master’s degree in Cybersecurity or a related field, or at least 10 years of experience in cybersecurity engineering with a focus on Government-approved cybersecurity tools.
  • A minimum of 5 years of experience related to DoD cybersecurity vulnerability detection and response, utilizing tools within FISMA compliance.
  • Hands-on experience with big data analytical tools such as Elasticsearch and Splunk.

TECHEAD’s mission is to make our on-site associates successful by placing them in the right environment so they can grow and prosper. How we treat and respond to our clients and employees is a reflection of who we are and makes us stand out from the rest. Keeping our business focused on building and maintaining relationships with our employees and clients is the key to our success. We won’t strive for anything less.

TECHEAD provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

For more information on TECHEAD please visit www.techead.com.

No second parties will be accepted.

To Apply for this Job Click Here

  Apply with Google   Apply with Twitter
  Apply with Github   Apply with Linkedin   Apply with Indeed
  Stack Overflow