Remote Forensic Engineer Jobs in California (NOW HIRING)

LMI is seeking a skilled Information System Security Engineer (ISSE) with hands-on experience in AWS cloud security to provide advanced cybersecurity engineering and Risk Management Framework (RMF) support for Department of Defense (DoD) cloud-based systems. This position focuses on designing, implementing, and maintaining secure AWS environments aligned with DoD Cloud Computing Security Requirements Guide (CC SRG), NIST SP 800-53, and DISA STIGs/SRGs to support Authorization to Operate (ATO) efforts.

LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed.

Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value.

This position can be remote but requires quarterly travel for planning increments.

This position requires an active SECRET clearance; TS/SCI preferred.

• Architect and manage robust access control strategies using AWS Identity and Access Management (IAM), enforcing the principle of Least Privilege across all roles and users.

• Implement encryption and key management solutions using AWS Key Management Service (KMS) and related tools to protect data at rest and in transit, aligning with DoD data classification standards.

• Deploy and configure native AWS security services (e.g. GuardDuty, Security Hub, Inspector, and Config) to provide continuous threat detection, compliance monitoring, and automated remediation.

• Collaborate with network teams to secure VPCs using AWS Network Firewall, WAF, and hybrid connectivity solutions (Direct Connect, VPN) within a GovCloud environment.

• Lead technical implementation and validation of NIST SP 800-53 and DoD CC SRG controls to achieve and maintain ATO.

• Serve as a technical SME for RMF documentation and artifact generation within eMASSor other DoD compliance systems.

• Design, test, and implement DISA STIG/SRG-based configuration hardening across AWS services, operating systems, and containerized workloads.

• Conduct continuous vulnerability scanning and monitoring using DoD-approved tools (ACAS/Nessus), coordinating remediation and risk mitigation activities.

• Integrate security into CI/CD pipelines using Infrastructure-as-Code (IaC) tools such as Terraform or CloudFormation to automate compliance and security controls.

• Build and maintain centralized, compliant logging architectures using Splunk, Elastic, or equivalent SIEM platformsto ensure event visibility and retention per DoD policy.

• Participate in incident response activities for cloud-based threats, performing forensic analysis and recommending corrective actions.

• Collaborate with DoD stakeholders, system owners, and developers to embed security throughout the system lifecycle and support RMF accreditation efforts.

• Implement and maintain Trellix ePolicy Orchestrator (ePO) infrastructure, including deployment and lifecycle management of Trellix endpoint security solutions (Endpoint Security, Policy Auditor, Application Control).

• Manage ePO extensions, repositories, and Agent Handlers to ensure scalability, performance, and operational resilience across the enterprise.

• Active SECRET clearance required; TS/SCI preferred

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)

• 3–5+ years of experience in information security, with at least 3 years focused on AWS cloud security engineering

• Deep experience with DoD RMF, NIST SP 800-53, DoD CC SRG, and DISA STIG/SRG compliance frameworks

• Strong hands-on expertise with AWS security services (IAM, KMS, GuardDuty, Security Hub, Config)

• Experience with Docker, Kubernetes, and system hardening for Linux/Windows environments

• Proficiency in IaC tools (Terraform, CloudFormation) for managing and enforcing security policies

• Familiarity with ACAS/Nessus, continuous monitoring, and vulnerability management processes

• Experience integrating security within DevSecOps and CI/CD workflows

• Hands-on experience administering and maintaining Trellix ePolicy Orchestrator (ePO) in enterprise or DoD environments
• Experience deploying and managing Trellix endpoint security solutions (Endpoint Security,  Policy Auditor, Application Control)
• Experience managing ePO infrastructure components, including extensions, repositories, and Agent Handlers for scalability and performance

• Certifications:

  • DoD 8570/8140-M compliant (e.g., CISSP, CASP+, CISM) – required

  • AWS Certified Security – Specialty – highly preferred

  • Kubernetes certification (CKS/CKA) – a plus

Target Salary Range: $90,270.00 - $155,037.00

Disclaimer: 

The salary range displayed represents the typical salary range for this position and is not a guarantee of compensation. Individual salaries are determined by various factors including, but not limited to location, internal equity, business considerations, client contract requirements, and candidate qualifications, such as education, experience, skills, and security clearances.