Endpoint Security Engineer
Location: Washington, DC
Company: RIVA Solutions Inc
Category: Information Technology
Job Description Apply Now
Title: Endpoint Security Engineer
Location: Hybrid – Washington, DC
Terms: Full-Time
Clearance: Must be a U.S. Citizen and able to obtain a Public Trust
Travel: None
Location: Hybrid – Washington, DC
Terms: Full-Time
Clearance: Must be a U.S. Citizen and able to obtain a Public Trust
Travel: None
RESULTS. INNOVATION. VALUES. ACCOUNTABILITY.
That’s RIVA. Our employee-first approach has created a culture that attracts the best and brightest. By investing in people first and providing a flexible work environment, our employees have higher morale, productivity, and retention. At RIVA, people are our #1 priority.
That’s RIVA. Our employee-first approach has created a culture that attracts the best and brightest. By investing in people first and providing a flexible work environment, our employees have higher morale, productivity, and retention. At RIVA, people are our #1 priority.
Program Overview
RIVA Solutions is seeking a mission-driven Endpoint Security Engineer to support the Department of Health and Human Services (HHS) Office of Inspector General (OIG). This individual will work in a hybrid capacity based in Washington, DC, and provide technical security engineering, endpoint device protection, and vulnerability reporting services. This position plays a key role in ensuring cybersecurity compliance across HHS systems and endpoints while aligning with federal mandates such as NIST, FISMA, FedRAMP, and CISA directives.
Role Overview
The Endpoint Security Engineer will be responsible for engineering and maintaining secure endpoint systems, delivering vulnerability reports, and supporting Certification & Accreditation (C&A) processes. The role requires experience working in federal environments and familiarity with compliance standards, technical documentation, and presenting remediation strategies to leadership.
Responsibilities
Endpoint Security Engineering
- Bachelor’s degree in Information Systems, Computer Science, Engineering, or related field (or equivalent practical experience).
- 8+ years of experience in IT security engineering, endpoint security, vulnerability management, and C&A processes.
- Strong knowledge of federal IT security frameworks, including:
- NIST SP 800 series (800-53, 800-122, 800-157, 800-207, etc.)
- FIPS 140-2 and FIPS 201-2
- FedRAMP standards
- FISMA requirements
- CISA Binding Operational Directives (BODs) and KEV reporting requirements
- Hands-on experience with vulnerability assessment, CVE/KEV reporting, and remediation tracking.
- Experience preparing and presenting security findings and compliance reports to executive management.
- Expertise in endpoint engineering and SIEM integration.
- Strong documentation and technical writing skills, including C&A documentation.
Vulnerability Management & Compliance Reporting
- Monitor and assess CVE and Known Exploited Vulnerabilities (KEVs) published by CISA.
- Report and track vulnerabilities in compliance with CISA Binding Operational Directives (BODs).
- Deliver vulnerability and risk assessments to senior stakeholders.
- Support documentation related to SSPs, POA&Ms, and penetration test reports.
Security Support & Accreditation
- Assist with system security documentation, audit responses, and remediation efforts.
- Provide log forwarding support to SIEM systems for continuous monitoring.
- Safeguard Personally Identifiable Information (PII) following NIST SP 800-122 guidelines.
Required Qualifications
- Bachelor’s degree in Information Systems, Computer Science, Engineering, or equivalent experience.
- 5–8 years of experience in cybersecurity engineering and endpoint management.
- Familiarity with federal cybersecurity standards and compliance documentation, including:
- NIST SP 800 series (800-53, 800-207, etc.)
- FISMA, FedRAMP, and FIPS 140-2
- CISA Binding Operational Directives
- Hands-on experience with vulnerability management and reporting tools.
- Experience with system hardening, patching, and SIEM integrations.
- Strong technical writing and communication skills.
Preferred Qualifications
- Advanced degree in Cybersecurity, Computer Science, or related field.
- Security certifications (e.g., Security+, CISSP, CISM, CEH).
- Prior experience supporting HHS, DHS, DoD, or other federal agencies.
- Familiarity with Zero Trust Architecture and endpoint detection tools.
Salary
Up to $120,000 annually, based on experience and qualifications.
RIVA Benefits
- Health, Dental, and Vision Coverage
- Life Insurance
- Retirement Benefits / 401K with Company Matching
- HSA / FSA Spending Accounts
- Long- and Short-Term Disability
- Pet Insurance
- Wellness Program Initiatives
- RIVA Flex – Flexible Work Environment
- Additional Workplace Benefits
Equal Opportunity Statement
RIVA Solutions is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected class. If you need a reasonable accommodation to search for a job opening or to submit an online application, please email accommodations@rivasolutionsinc.com. Only messages left for this purpose will be returned.