Everforth ECS is seeking a Security Engineer to work in our Portland, OR office.

The Security Engineer supports the design, implementation, configuration, and maintenance of cybersecurity technologies, controls, and secure infrastructure capabilities across enterprise systems and security operations environments. This role helps ensure that systems, applications, networks, endpoints, and cloud environments are protected, monitored, hardened, and aligned with organizational security requirements.

The ideal candidate has hands-on experience implementing and supporting security tools, troubleshooting technical security issues, applying secure configuration standards, and collaborating with SOC analysts, system administrators, network engineers, control assessors, and program stakeholders to improve the organization's security posture.

Key Responsibilities

Security Engineering & Implementation

Implement, configure, maintain, and support cybersecurity technologies, tools, platforms, and technical security controls.

Assist with engineering secure solutions for enterprise systems, networks, endpoints, cloud environments, applications, and operational support platforms.

Support security architecture decisions by providing implementation input, technical feasibility analysis, and operational considerations.

Apply security engineering practices across the system lifecycle, including planning, deployment, configuration, testing, operations, and sustainment.

System Hardening & Secure Configuration

Apply secure configuration baselines, hardening standards, and technical control requirements to servers, endpoints, network devices, applications, and cloud services.

Review system configurations, permissions, authentication settings, logging settings, encryption settings, and access controls for alignment with security requirements.

Support implementation of vulnerability remediation, configuration changes, patching activities, and risk reduction measures in coordination with system owners.

Validate that security controls are operating as intended and support remediation when control gaps or technical weaknesses are identified.

Security Tool Support & Integration

Support deployment, tuning, and sustainment of tools such as SIEM, EDR, vulnerability scanners, firewalls, IDS/IPS, email security, identity security, logging, and monitoring platforms.

Integrate security tools with enterprise systems, data sources, ticketing systems, dashboards, identity platforms, and incident response workflows.

Troubleshoot tool performance, connectivity, data collection, alerting, agent health, policy enforcement, and integration issues.

Coordinate with SOC analysts, Splunk engineers, threat hunters, and system administrators to ensure security tooling supports monitoring, investigation, and response requirements.

Vulnerability, Risk & Remediation Support

Analyze vulnerability scan results, configuration findings, security alerts, and control weaknesses to support prioritization and remediation planning.

Work with technical teams to identify root causes, validate remediation options, and confirm closure of vulnerabilities or security findings.

Support risk treatment activities by documenting technical constraints, compensating controls, residual risk, and remediation status.

Assist control assessors and assessment leads by providing technical evidence, configuration details, screenshots, logs, and implementation explanations.

Incident Response & Operational Support

Provide technical engineering support during security incidents, investigations, containment activities, eradication efforts, and recovery actions.

Assist with log collection, tool validation, endpoint or network containment actions, access changes, system isolation, and forensic preservation activities as directed.

Develop and maintain scripts, queries, automation, and repeatable procedures to improve security operations and engineering response efficiency.

Participate in after-action reviews and support implementation of technical improvements based on incident lessons learned.

Documentation, Standards & Continuous Improvement

Develop and maintain technical documentation, configuration standards, diagrams, implementation guides, runbooks, and operational procedures.

Support change management, configuration management, asset documentation, and security engineering governance processes.

Recommend improvements to security tools, engineering processes, baselines, automation, monitoring coverage, and technical control implementation.

Stay current with emerging threats, security technologies, hardening guidance, and engineering best practices relevant to enterprise security environments.

Qualifications

U.S. Citizenship with ability to obtain and maintain a DOE “L” clearance after start.
3-5 years of experience in cybersecurity engineering, security operations, systems administration, network administration, cloud security, or related technical security roles.
Hands-on experience implementing, configuring, or supporting security tools, technical controls, secure configurations, and enterprise security technologies.
Working knowledge of Windows, Linux, networking, identity and access management, endpoint security, logging, vulnerability management, and common security architectures.
Experience applying security requirements, hardening standards, vulnerability remediation guidance, and configuration baselines across technical environments.
Ability to troubleshoot technical security issues involving systems, networks, applications, integrations, agents, logs, policies, and monitoring tools.
Familiarity with cybersecurity frameworks, standards, and best practices such as NIST, CIS Controls, DISA STIGs, ISO 27001, or organizational security baselines.
Strong documentation, communication, collaboration, and problem-solving skills.

Learn more about this Employer on their Career Site