[Remote] Continuous Monitoring Engineer
Note: This is a remote position open to candidates in the USA. Zachary Piper Solutions is currently seeking a Continuous Monitoring Engineer to support a federal client. This position is critical in safeguarding cloud environments and maintaining compliance with federal security standards, focusing on cloud asset inventory management, vulnerability scanning, and FedRAMP continuous monitoring.
Responsibilities
- Build, validate, and maintain accurate cloud asset inventories across environments, ensuring full visibility of infrastructure components
- Reconcile missing assets and ensure complete scan coverage across virtual machines, containers, databases, networking, and application layers
- Execute and troubleshoot vulnerability scans, identifying coverage gaps and remediating technical issues
- Support FedRAMP continuous monitoring processes, ensuring adherence to required timelines and deliverables
- Maintain and update Plans of Action & Milestones (POA&Ms), accurately tracking vulnerabilities and remediation efforts
- Produce monthly continuous monitoring deliverables for federal stakeholders
- Apply working knowledge of NIST 800-53 controls, specifically RA-5 (Vulnerability Scanning), SI-2 (Flaw Remediation), and CM-6 (Configuration Settings)
- Identify false positives in scan results and communicate remediation priorities effectively
- Troubleshoot technical issues independently, researching solutions prior to escalation
- Proactively communicate blockers, follow up on access requests, and ensure timely completion of tasks
- Partner with engineering teams and federal stakeholders to communicate findings and drive remediation efforts
- Demonstrate ownership of assigned work and operate independently after initial onboarding
Skills
- 3–5+ years of experience in cloud security, vulnerability management, or continuous monitoring
- Hands-on experience building and maintaining cloud asset inventories
- Strong understanding of cloud infrastructure, including virtual machines, containers, databases, networking, and application assets
- Experience supporting FedRAMP or similar compliance frameworks
- Familiarity with continuous monitoring processes and monthly compliance reporting
- Experience maintaining POA&Ms and supporting audit documentation
- Working knowledge of NIST 800-53 controls (RA-5, SI-2, CM-6)
- Demonstrated ability to troubleshoot independently
- Demonstrated ability to research and apply solutions
- Demonstrated ability to learn new technologies quickly
- Demonstrated ability to connect technical concepts beyond documented procedures
- Strong communication skills with the ability to clearly explain technical findings to both engineers and federal stakeholders
- Ability to work independently with minimal supervision in a remote environment
Benefits
- Health, Dental, Vision
- PTO
- 401K
- Holidays
- Sick Leave if required by Law
Company Overview