Cybersecurity Engineer Jobs in Silver Spring, MD

POSITION SUMMARY:

?InquisIT is seeking a Cybersecurity Engineer to join us in Washington, DC.

This role will have responsibilities that encompass Security Operations and Engineer skill sets to help secure customer cloud computing, data center, and on-premise environments. The successful candidate will help set up, operate, and manage/maintain a variety of security solutions including vulnerability management, endpoint security, security information and event management, and governance/risk/compliance. The candidate will also help develop and maintain security policy and procedures, perform incident response and business continuity testing, work with the NIST Cybersecurity Framework and CIS Benchmarks, and assist with security audits as needed. At various times, production security operations tasks such as analysis of security issues and responding to security incidents will be required. The successful candidate should be a team player with a dynamic personality that can work effectively with end users and management for resolution of security incidents.

Please note, this is an on-site role, in Washington DC

POSITION SUMMARY

InquisIT is seeking a Cybersecurity Engineer to join our team in Washington, DC (on-site).

This role is focused on hands-on cybersecurity engineering, threat detection, and vulnerability management across cloud, data center, and on-premise environments. The ideal candidate will bring strong experience in penetration testing, threat hunting, and security analysis, with the ability to proactively identify, assess, and mitigate risks.

This position blends engineering and operational responsibilities, with a strong emphasis on offensive and proactive defensive security practices rather than purely reactive security operations.

Primary Responsibilities

• Lead and execute penetration testing activities, including application and network testing (e.g., Burp Suite)
• Perform threat hunting and threat intelligence analysis to proactively identify adversary activity and anomalous behavior
• Conduct deep security event analysis and incident investigation, identifying root cause and recommending remediation
• Manage and execute vulnerability management lifecycle, including:
  • Scanning (e.g., Qualys)
  • Risk prioritization
  • Remediation tracking and validation
• Develop and implement mitigation strategies for identified vulnerabilities and threats
• Leverage and integrate tools such as CrowdStrike, Elastic (ELK), and SIEM-as-a-Service platforms for detection and analysis
• Monitor systems and networks for suspicious activity and indicators of compromise (IOCs)
• Support incident response efforts, including containment, eradication, and recovery
• Develop and enhance detection capabilities, including rules, use cases, and analytics
• Assist in security assessments, audits, and compliance activities (NIST, CIS, STIGs)
• Maintain and improve security baselines, policies, and procedures
• Collaborate with engineering and infrastructure teams to secure systems by design

Experience and Qualifications

• 9+ years of experience in cybersecurity engineering, threat detection, or related field (12+ without degree)
• Strong hands-on experience in:
  • Penetration testing and application security testing
  • Threat hunting and behavioral analysis
  • Security incident analysis and response
  • Vulnerability management and remediation (Qualys preferred)
• Experience with security tools such as:
  • Qualys (or similar vulnerability management platforms)
  • CrowdStrike (EDR/XDR)
  • Burp Suite
  • Elastic / ELK Stack
  • SIEM or SIEM-as-a-Service platforms
• Experience analyzing network traffic and system-level security events
• Familiarity with modern adversary tactics, techniques, and procedures (TTPs)
• Experience supporting compliance frameworks such as:
  • NIST 800-53
  • CIS Benchmarks
  • DISA STIGs
• Experience supporting ATO processes, audits, and documentation (FISMA, FISCAM, etc.)
• Strong understanding of Windows and Linux (RHEL) environments
• Knowledge of cloud security (AWS and/or Azure preferred)

InquisIT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, InquisIT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

*The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Management reserves the right to modify, add, or remove duties and to assign other duties as necessary.