Continuous Monitoring Engineer

Piper Companies is seeking a Continuous Monitoring Engineer to join a fully remote (U.S.-based) cybersecurity and compliance services firm. This client-facing cybersecurity role focuses on vulnerability management, compliance monitoring, and cloud security across AWS, Azure, and GCP environments.

Responsibilities of the Continuous Monitoring Engineer include:

• Manage the full POA&M lifecycle, including risk justifications and deviation requests.
• Collect and maintain security evidence for monthly continuous monitoring (FedRAMP, HITRUST, PCI).
• Run and analyze vulnerability scans across OS, databases, web apps, and containers.
• Identify false positives and prepare risk assessments for federal stakeholders.
• Maintain system inventories and boundary documentation.
• Support vulnerability tools (Tenable, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender).
• Collaborate with engineering and SRE teams to integrate scanning into CI/CD pipelines.
• Track remediation activities and coordinate timelines with technical teams.
• Produce monthly compliance deliverables and vulnerability summaries.

Qualifications for the Continuous Monitoring Engineer include:

• 3–5 years of experience in vulnerability management, continuous monitoring, or security operations.
• Hands-on experience scanning OS, networks, databases, containers, and web apps.
• Experience with at least two cloud platforms (AWS, Azure, GCP).
• Familiarity with FedRAMP, HITRUST, or PCI frameworks.
• Administrator-level cloud certification (AWS/Azure/GCP).
• Strong understanding of CVSS/CMSS scoring and NIST 800‑53 (RA‑5, SI‑2, CM‑6).
• Experience with STIGs, SCAP/SCC, and CIS Benchmarks.
• Scripting skills (Python, PowerShell, Bash).
• Strong communication and documentation skills.

Preferred Qualifications:

• Cloud security certifications (AWS/Azure/GCP).
• Security+ or CISSP.
• Experience with container security tools (Trivy, Anchore, Snyk) and Kubernetes.
• Familiarity with SCA and SAST/DAST tools.
• Experience integrating security controls into CI/CD workflows.

Position Details:

• Fully remote (U.S.)
• Up to 10% travel
• Collaboration with engineering, SRE, compliance, and federal client teams

Compensation for the Continuous Monitoring Engineer includes:

• Salary Range: $115,000 – $130,000
• Benefits: Medical, Dental, Vision, 401K, PTO, Sick Leave (as required), Holidays

Keywords:

#LI-RE1 #LI-REMOTE continuous monitoring engineer, vulnerability management, continuous monitoring, POA&M, FedRAMP, HITRUST, PCI, compliance monitoring, cloud security, AWS, Azure, GCP, CVSS, CMSS, NIST 800‑53, RA‑5, SI‑2, CM‑6, STIG, SCAP, CIS Benchmarks, Tenable, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender, Trivy, Anchore, Snyk, container security, Kubernetes, CI/CD, DevSecOps, SCA, SAST, DAST, automation, Python, PowerShell, Bash, security documentation, compliance evidence, 3PAO, federal security, cloud architecture, cloud governance, cloud compliance, vulnerability scanning, risk assessment, security reporting, client-facing, professional services, cloud environments, cloud operations, cloud tooling, security frameworks, zero trust, IAM, RBAC, MFA, SAML, OAuth, Linux, Windows, Agile, SCRUM, technical documentation, cloud consulting, hybrid cloud, multi-cloud.