1

Cis Benchmark Jobs (NOW HIRING)

Senior Cybersecurity Engineer

Washington, DC ยท On-site

$129K - $177K/yr

DOD STIG/CIS Benchmark proficiency. * Understand the full security engineering lifecycle from requirements to deployment. * Knowledge of IaaS, PaaS and SaaS architectures. Essential Duties: * Subject ...

Senior Cybersecurity Engineer

Washington, DC ยท On-site

$129K - $177K/yr

DOD STIG/CIS Benchmark proficiency. * Understand the full security engineering lifecycle from requirements to deployment. * Knowledge of IaaS, PaaS and SaaS architectures. Essential Duties: * Subject ...

IT Systems Engineer

San Francisco, CA ยท On-site

$190K - $240K/yr

Endpoint hardening & macOS/Windows fleet management - configuration profiles, CIS benchmark enforcement, macOS scripting, software deployment, and patch management * Security automation - turn manual ...

Senior Cybersecurity Engineer

Washington, DC ยท On-site

$129K - $177K/yr

DOD STIG/CIS Benchmark proficiency. * Understand the full security engineering lifecycle from requirements to deployment. * Knowledge of IaaS, PaaS and SaaS architectures. Essential Duties: * Subject ...

Developing, establishing and integrating secure configuration baselines per DISA STIGs and CIS benchmark guidelines * Participate in creating secure architectures and designs * Ensuring security ...

Developing, establishing and integrating secure configuration baselines per DISA STIGs and CIS benchmark guidelines * Participate in creating secure architectures and designs * Ensuring security ...

Configuration of SOAR in accordance with DISA STIG and CIS Benchmark requirements. * Recommend system and process improvements to continually enhance security operations. * Assist security incident ...

Configuration of SOAR in accordance with DISA STIG and CIS Benchmark requirements. * Recommend system and process improvements to continually enhance security operations. * Assist security incident ...

Review CIS Benchmark compliance and flag noncompliant items for follow up. Perform IAM tasks including creating/removing users, updating policies, and adjusting group assignments. Route issues ...

Configuration of SOAR in accordance with DISA STIG and CIS Benchmark requirements. * Recommend system and process improvements to continually enhance security operations. * Assist security incident ...

next page

Showing results 1-20

Cis Benchmark information

See salary details

$13

$28

$53

How much do cis benchmark jobs pay per hour?

As of Jul 8, 2026, the average hourly pay for cis benchmark in the United States is $28.86, according to ZipRecruiter salary data. Most workers in this role earn between $24.04 and $33.41 per hour, depending on experience, location, and employer.

What are CIS Benchmarks?

CIS Benchmarks are a set of best practices and guidelines developed by the Center for Internet Security (CIS) to help organizations secure their IT systems and data. These benchmarks provide detailed configuration recommendations for a wide range of technologies, including operating systems, cloud platforms, and applications. By following CIS Benchmarks, organizations can reduce vulnerabilities, meet compliance requirements, and strengthen their overall security posture.

What are the key skills and qualifications needed to thrive as a CIS Benchmark Security Analyst, and why are they important?

To thrive as a CIS Benchmark Security Analyst, you need a strong understanding of information security principles, system hardening, and compliance frameworks, often supported by a degree in cybersecurity or related fields. Familiarity with CIS Benchmarks, security configuration assessment tools (such as CIS-CAT or Nessus), and relevant certifications like CISSP or CompTIA Security+ is typically required. Attention to detail, analytical thinking, and effective communication are crucial soft skills for interpreting results and collaborating with IT teams. These capabilities are vital to ensure organizational systems are properly secured, compliant, and resilient against cyber threats.

What is the difference between Cis Benchmark vs Security Analyst?

AspectCis BenchmarkSecurity Analyst
CredentialsNone specific, but familiarity with security standardsCertifications like CompTIA Security+, CISSP often preferred
Work EnvironmentSecurity configuration and compliance settingsMonitoring, analyzing security threats, incident response
Industry UsageUsed by organizations to establish security benchmarksEmployed in cybersecurity teams to protect systems

The Cis Benchmark focuses on creating security configuration standards, while a Security Analyst actively monitors and responds to security threats. Both roles are essential in cybersecurity, with the Cis Benchmark providing guidelines and the Security Analyst implementing and managing security measures.

What are some common challenges faced by professionals responsible for implementing CIS Benchmarks in an organization?

Professionals tasked with implementing CIS Benchmarks often face challenges such as balancing security with operational needs, ensuring consistent configuration across diverse systems, and managing resistance to change from stakeholders. Additionally, staying up to date with evolving benchmarks and remediating legacy systems to meet strict security controls can be complex. Collaboration with IT, security, and compliance teams is crucial to address these challenges effectively and maintain ongoing compliance.
Infographic showing various Cis Benchmark job openings in the United States as of July 2026, with employment types broken down into 83% Full Time, and 17% Contract. Highlights an 66% In-person, 17% Hybrid, and 17% Remote job distribution, with an average salary of $60,039 per year, or $28.9 per hour.
Senior Cybersecurity Engineer

Senior Cybersecurity Engineer

OneZero Solutions

Washington, DC โ€ข On-site

$129K - $177K/yr

Full-time

Medical, Dental, Vision, Life, Retirement, PTO

Posted 8 days ago


Job description

We are an employee-centric company that truly values our team members and the contributions they make to our customers and the missions they support. We pride ourselves on being forward-leaning thinkers and on building teams that are, and continue to be, technically proficient across a broad range of cyber mission areas. OneZero full-time employees receive a highly competitive benefits package, including health, dental, vision, and life insurance, a 401(k) with company matching, paid time off and holidays, an employee referral program, and educational assistance. Additional details are available on our website: https://www.onezerollc.com/careers/

Position Title:ย Senior Cybersecurity Engineer

Location:ย ย On-site in a SCIF in the National Capital Region (NCR) โ€“ Nebraska Avenue Complex, Washington, DC (work locations transitioning to ICCB Bethesda / St. Elizabeths). Telework is not authorized; a designated Key Person must be available on-site during core hours

Clearance: TS/SCI

Job Summary

Provides technical leadership for cybersecurity architecture, cloud security engineering, Zero Trust, AI security and DevSecOps integration across DHS Intelligence Enterprise environments.

Education and Experience:

  • Bachelor's degree in Engineering, Cybersecurity, or related field or a minimum of 14 years equivalent job experience working in an enterprise infrastructure security and engineering role.
  • Minimum of 10 years of security engineer experience.
  • Previous experience (at least 4 years) with performing security engineering in a cloud environment, specifically supporting AWS.
  • 10+ years of experience in cybersecurity engineering.
  • Experience with cloud security and hybrid environments.
  • Required: AWS certification, CISSP, Scrum (Agile/DevSecOps related),
  • Preferred: Linux, system administration, networking, and cloud proficiency.
  • Preferred Certifications: Azure/O365 cloud certs
  • Proficiency in Tenable and equivalent products.
  • Proficiency in static code analysis.
  • DOD STIG/CIS Benchmark proficiency.
  • Understand the full security engineering lifecycle from requirements to deployment.
  • Knowledge of IaaS, PaaS and SaaS architectures.

Essential Duties:

  • Subject matter expert for the organization in security standards and best practices.
  • Regularly perform security audits, vulnerability analysis, and provide reports.
  • Assess, and recommend scalable, flexible, and resilient cloud architectures incorporating IT security, AI considerations and safeguarding requirements.
  • Develop best practices and security standards for the organization.
  • Architect, design & implement Zero Trust solutions.
  • Develop, maintain and troubleshoot scripts to facilitate the integration and automation of security requirements throughout DevSecOps activities.
  • Review and recommend improvements in Enterprise Audit sharing agreements, processes, and technologies between client and other federal agency systems.
  • Design, implement, and improve secure system architectures aligned with DHS and IC requirements.
  • Perform system hardening, security configuration, and vulnerability mitigation for enterprise platforms and mission systems.
  • Integrate security controls into DevSecOps pipelines, automation frameworks, and Agile system development processes.
  • Evaluate, deploy, and integrate cybersecurity tools and technologies to enhance continuous monitoring and situational awareness.
  • Collaborate with cross-functional teams to embed cybersecurity engineering practices throughout the system lifecycle.

OneZero Solutions, LLC is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.

To request an accommodation, please contact us at recruiting@onezerollc.com or call (202) 987-2580.