Paragon is recruiting for a Security Engineer II to work on the PEO-T contract for USTRANSCOM.

The Security Engineer II provides technical support in the areas of vulnerability and risk assessment, network security, product evaluation, and security implementation. Understands Information Security Continuous Monitoring (ISCM) concepts, security automation, and risk dashboarding tools. Must adhere to USTRANSCOM processes and procedures to identify and respond to risk while supporting efficient, accurate Assessment & Authorization (A&A) reporting to facilitate ongoing authorizations, secure release deployments, modernizations, migrations, and overall security enhancements.

A high level of autonomy is required for this role. Capable of defining solution recommendations and working with management to improve efficiency in processes and procedures. Capable of communicating technical details effectively within their assigned Program Management Offices (PMOs), translating complex security risks into operational or business impact for leadership and non-technical stakeholders. Effective communication skills and willingness to collaborate with peers and management are critical to success. May be asked to provide supplementary support to additional PMOs within the contract purview.

Tasks include, but are not limited to, the following:
- Reviews evolving National Institute of Standards and Technology (NIST) requirements to support risk assessment activities associated with the affiliated system requirements and specifications (execution, mapping, and compliance tracking).
- Prepares detailed specifications from which cybersecurity deficiencies identified during risk assessment will be mitigated/remediated and conducts follow-up risk assessment to ensure proper secure coding practices and Security Technical Implementation Guide (STIG)/Security Requirements Guide (SRG) implementation are being built-in/enforced to the greatest extent possible.
- Collaborates closely with government customers to develop appropriate Plan of Action and Milestones (POA&Ms) and support risk acceptance activities as needed to support risk management processes.
- Responsible for designing and implementing solutions for protecting confidentiality, integrity, and availability of sensitive information.
- Provides technical evaluations of IT systems and assists with making security improvements.
- Participates in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operations impact to customer organization.
- Conducts security product evaluations, and recommends products, technologies and upgrades to improve the organization's security posture.
- Conducts testing and audit log reviews to evaluate the effectiveness of current security measures.
- Participates in team initiatives including the drafting of deliverables and peer reviews of others' products.
Qualifications:
- Experience developing/reviewing system authorization documentation (family plans and supplementary artifacts) in accordance with Department of War (DoW) implementation of the Risk Management Framework (RMF)
- Experience participating in Technical Interchange Meetings (TIMs) on a wide range of Program Management Office (PMO) security engineering topics
- Experience participating in acquisition program engineering milestone reviews
- Experience coordinating and collaborating with Development contract personnel in Security, System Administration, System Engineering, and other supporting roles to identify, document, and plan for security enhancement requirements and to resolve program security issues
- Experience coordinating and collaborating with inheritance providers (e.g., enterprise teams in USTRANSCOM, Surface Deployment and Distribution Command [SDDC], Air Mobility Command [AMC], Defense Information Systems Agency [DISA] Security Office, etc.) to determine hybrid security requirements and establish appropriate inheritance relationships using tools provided
- Experience performing security activities to maintain authorization of PMO programs (e.g., categorization, control selection, evidence collection and audit, risk assessments, reporting, security impact assessments affiliated with change management practices, Incident Response (IR)/Contingency Plan (CP) Exercise Support, Federal Information Security Management Act (FISMA) Reporting, Continuous Monitoring, etc.)
- Experience using DoW Enterprise Mission Assurance Support Service (eMASS) system
- Experience providing support to ensure PMO systems are designed, developed, and deployed in accordance with applicable Executive Orders, Federal Policy, DoW regulations, USTRANSCOM requirements, and commercial best practice
- Experience reviewing vulnerability scans using Assured Compliance Assessment Solution (ACAS)/Nessus, analyzing outputs to identify vulnerabilities, recommending mitigation and remediation actions, and ingesting actions in eMASS
- Experience supporting the Government Customer through critical review of documented DISA STIGs/SRGs, providing technical feedback and recommendations to customer for areas of improvement in reporting accurate qualitative results, and ingesting final product in the government-supplied tool to support risk assessment of the NIST controls.
- Experience generating, sustaining, extending (when appropriate), and reporting status associated with POA&M requirements
- Experience conducting and evaluating security testing activities including security assessments and audits
- Experience supporting operational security activities (e.g., risk mitigation, host security, encryption, intrusion detection, Virtual Private Network [VPN] implementations, and viral detections)
- Experience with security lockdown and/or hardening of servers and network devices
- Ability to coordinate overall security strategy with multiple agencies, Authorizing Official (AO) representatives
- Ability to coordinate with developers, vendors, and other government organizations/agencies to assess security engineering issues
- Experience recommending changes to network and security architecture to improve security posture and meet operational performance requirements
Required Education/Certification
- Must be a US Citizen with an active DoW Secret, or higher, clearance
- Bachelor's degree in Computer Science, Cybersecurity, or equivalent Information Technology academic studies
- Active IAM II Certification in Good Standing (e.g., ISC2 CGRC [formerly CAP], CompTIA Security X [formerly CASP+CE], ISACA CISM, ISC2 CISSP (or associate), GIAC GSLC, EC-Council CCISO)
- 1+ years of Security Engineering experience as Information Systems Security Officer (ISSO), Information Systems Security Manager (ISSM), Security Controls Assessor (SCA), Cyber Security Analyst/Engineer
What Success Looks Like
Success in this role is demonstrated by clearly defined, traceable requirements that reflect validated operational needs; well-facilitated stakeholder forums that drive timely decisions; and functional designs that enable development teams to deliver compliant, mission-aligned capabilities. The Analyst is trusted by government leadership as a reliable integrator across Services, Agencies, and functional domains.

How the Work Gets Done at Paragon
At Paragon, work is executed through disciplined collaboration, accountability to mission outcomes, and respect for government processes. Analysts lead with preparation and clarity, facilitate structured decision-making forums, and ensure requirements are governed, documented, and traceable from operational need through delivery. The focus is on predictable execution, transparency, and stewardship of government resources.

Working Conditions
Work is primarily performed in a professional office or government facility environment. Position may require participation in classified discussions consistent with clearance level. Collaboration with geographically dispersed stakeholders is expected. Standard business hours with occasional schedule flexibility to support mission needs.

Why Paragon
Paragon Technology Group delivers mission-critical outcomes through disciplined execution, professional accountability, and respect for the trust placed in us by our government partners. Team members are empowered to own their work, contribute meaningfully to national defense missions, and operate in an environment that values clarity, predictability, and long-term stewardship.