Employment Type: Full-Time
Work Arrangement: Remote
Department: Business Operations – Information Technology
Available Locations:
Atlanta, GA · Denver, CO · Dallas, TX · Chicago, IL · Charlotte, NC · Boston, MA · Fort Lauderdale, FL · Los Angeles, CA · Minneapolis, MN · Nashville, TN · Raleigh, NC · Washington, D.C. · San Francisco, CA · New York, NY · Fairfield, NJ
Salary Range: $80,000 – $100,000 annually
Application Deadline: Anticipated to close March 10, 2026 (may be extended)
About the Employer
Aprio is a nationally ranked CPA and advisory firm with more than 30 offices across the U.S., an international presence in the Philippines, and 2,100+ professionals representing 60+ languages worldwide. The firm supports fast-growing businesses with forward-looking accounting, advisory, and technology services and is widely recognized for its people-first culture and growth opportunities.
Position Overview
Aprio is seeking a Senior Cybersecurity Engineer to join its Information Technology team. This is a hands-on, execution-focused role supporting Aprio’s regulated cloud environment designed to handle Controlled Unclassified Information (CUI) and meet CMMC requirements.
The role focuses on implementing, operating, and continuously improving security controls to maintain compliance, audit readiness, and operational resilience. The engineer will translate architectural standards and compliance requirements into secure configurations, repeatable processes, and clear audit evidence.
Key Responsibilities
Security Engineering & Operations
- Implement and manage security controls across identity, network, compute, storage, key management, endpoints, logging, and monitoring within the CUI boundary
- Administer role-based and privileged access, MFA and conditional access, service account governance, and secrets/certificate lifecycle management
Configuration & Hardening
- Maintain secure configuration baselines for in-scope systems
- Identify configuration drift, remediate issues, and document approved exceptions
Monitoring, Detection & Response
- Ensure required logging is enabled and centralized
- Support alert investigation, detection tuning, and incident response activities specific to the regulated environment
Vulnerability & Patch Management
- Execute vulnerability scanning, remediation tracking, patch coordination, and validation
- Manage remediation SLAs and apply risk-based prioritization
Change Management & Compliance
- Participate in change reviews for regulated systems
- Assess security impacts, implement approved changes, and validate post-change posture
Audit Readiness & Evidence
- Maintain organized, defensible audit artifacts such as configuration snapshots, access reviews, vulnerability reports, and change records
Automation & Reliability
- Develop lightweight automation to improve consistency, reduce manual effort, and support repeatable deployments and evidence collection
Cross-Team Enablement
- Support IT and delivery teams operating within the CUI boundary through guidance, troubleshooting, and clear documentation
What Success Looks Like
- First 30–60 days: Independently execute core security operations with a solid understanding of the regulated boundary
- By 90 days: Stable control operations with low configuration drift, consistent remediation, and clean audit evidence
- By 6–12 months: Improved automation, stronger control health metrics, and enhanced operational resilience
Required Qualifications
- 4+ years of experience in security engineering, cloud engineering, or security operations
- Hands-on experience in regulated or compliance-driven environments (e.g., CMMC, NIST 800-171/800-53, FedRAMP-aligned, SOC 2, ISO 27001)
- Strong fundamentals in IAM, network segmentation, encryption/key management, and centralized logging
- Experience executing vulnerability and patch management workflows
- Ability to produce clear documentation and audit-ready evidence
- Strong collaboration skills across Security, IT, and delivery teams
Preferred Qualifications
- Experience supporting CMMC assessments or maintaining NIST 800-171–mapped controls
- Familiarity with regulated incident response and evidence handling
- Experience with automation or infrastructure-as-code (e.g., Terraform, Bicep, PowerShell, Python)
- Relevant certifications such as Security+, SSCP, GSEC, or cloud/security engineering equivalents
Benefits & Perks
Eligible full-time employees may receive a comprehensive benefits package, including:
- Medical, dental, and vision insurance starting day one
- Flexible spending and dependent care accounts
- 401(k) with profit sharing
- 9+ paid holidays and discretionary time off
- Parental leave for primary and secondary caregivers
- Tuition assistance and CPA support programs
- Performance-based incentive compensation
- Wellness programs
- Flexible remote and hybrid work options
Why Consider This Opportunity
- Work with a nationally recognized, fast-growing professional services firm
- Join a collaborative, high-energy team guided by “The Aprio Way”
- Contribute to meaningful, compliance-critical cybersecurity initiatives
- Enjoy long-term career growth, learning, and leadership opportunities
- Maintain work-life balance with flexible work arrangements
Equal Opportunity Statement
Aprio is an Equal Opportunity Employer and encourages diversity in the workplace. All qualified applicants will be considered without regard to race, color, religion, national origin, sex, pregnancy, sexual orientation, gender identity or expression, age, disability, genetic information, citizenship status, military service obligations, or any other protected status under applicable law.