Continuous Monitoring Engineer

About the Continuous Monitoring Engineer Role

Piper Companies is seeking a Continuous Monitoring Engineer to join a fully remote U.S.-based cybersecurity and compliance services firm. In this client-facing role, you will focus on vulnerability management, compliance monitoring, and cloud security across AWS, Azure, and GCP environments.

Responsibilities

• Manage the full POA&M lifecycle including risk justifications and deviation requests.
• Collect and maintain security evidence for monthly continuous monitoring (FedRAMP, HITRUST, PCI).
• Run and analyze vulnerability scans across OS, databases, web apps, and containers.
• Identify false positives and prepare risk assessments for federal stakeholders.
• Maintain system inventories and boundary documentation.
• Support vulnerability tools such as Tenable, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender.
• Collaborate with engineering and SRE teams to integrate scanning into CI/CD pipelines.
• Track remediation activities and coordinate timelines with technical teams.
• Produce monthly compliance deliverables and vulnerability summaries.

Qualifications

3–5 years of experience in vulnerability management, continuous monitoring, or security operations. Hands-on experience scanning OS, networks, databases, containers, and web apps. Experience with at least two cloud platforms (AWS, Azure, GCP) and familiarity with frameworks such as FedRAMP, HITRUST, or PCI. Administrator-level cloud certification and strong understanding of CVSS/CMSS scoring and NIST 800‑53 (RA‑5, SI‑2, CM‑6) are required. Additional experience with STIGs, SCAP/SCC, and CIS Benchmarks is a plus, along with scripting skills in Python, PowerShell, or Bash and strong documentation skills.

Preferred Qualifications

Cloud security certifications, Security+ or CISSP, experience with container security tools (Trivy, Anchore, Snyk) and Kubernetes, familiarity with SCA and SAST/DAST tools, and experience integrating security controls into CI/CD workflows.

Position Details

This is a fully remote position (U.S.) with up to 10% travel required. You will collaborate with engineering, SRE, compliance, and federal client teams.

Compensation & Benefits

Salary range is $115,000 – $125,000 along with medical, dental, vision, 401K, PTO, sick leave, and holiday benefits.

Key skills/competency

• Continuous Monitoring
• Vulnerability Management
• Cloud Security
• Compliance
• FedRAMP
• HITRUST
• PCI
• CI/CD
• Scripting
• Risk Assessment