Security Engineer

Piper Companies is seeking an experienced Security Engineer located in the Fulton, MD area. The Security Engineer role sits within the security team where they leverage their analytical, monitoring, triage and infrastructure skills. The Security Engineer provides mentorship and technical guidance to SOC analysts to support their development in security analysis and incident investigation.

Responsibilities of the Security Engineer include:

·      Support the implementation and ongoing maintenance of web application security scanning tools and processes

·      Contribute to the analysis of operational environments and provide recommendations for enhancing existing processes

·      Support the deployment and oversight of essential infrastructure systems critical to core business operations

Qualifications for the Security Engineer include:

·      Strong hands-on experience with Microsoft Azure, focusing on security configurations and policy enforcement

·      Deep knowledge of Entra ID (Azure AD) for identity governance and access controls

·      Working knowledge of AWS to support hybrid cloud environments

·      Familiarity with container security in Kubernetes (preferred but not required)

·      Proficiency in vulnerability management, including reporting, triage, remediation tracking, and stakeholder communication

·      Experience with cloud security posture management tools such as Wiz

·      Ability to align cloud configurations with recognized cybersecurity frameworks (e.g., NIST, CIS, ISO)

Compensation for the Security Engineer includes:

·      $100,000 – $115,000 annually with a comprehensive benefit: Medical, Dental, Vison, 401k, PTO, holidays, sick leave as required by law

·      Hybrid work environment – 2 days on-site

This job opens for applications on 11/13/2025. Applications for this job will be accepted for at least 30 days from the posting date.

Keywords: AWS, Azure, cloud security, Risk Management Framework (RMF), NIST SP 800-53, NIST Cybersecurity Framework (CSF), security compliance, security governance, ATO (Authorization to Operate), continuous monitoring, Python, scripting, automation, vulnerability management, threat detection, incident response, identity and access management (IAM), infrastructure as code (IaC), DevSecOps, Terraform, Ansible, CI/CD pipelines, security assessments, security controls, cloud-native security tools, log analysis, SIEM, security architecture, system hardening, and regulatory compliance.

#LI-JN1

#LI-HYBRID