As a Senior Cybersecurity Engineer, you will implement, operate, and improve security controls for a regulated cloud environment, ensuring compliance with CMMC and other standards while managing identity, access, logging, and incident response.
Work with a nationally ranked CPA and advisory firm that is passionate for what's next. Aprio has 30 U.S. office locations, one in the Philippines and more than 2,100 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio.
Join Aprio's information Technology team and you will help clients maximize their opportunities. Aprio is a progressive, fast-growing firm looking for a Senior Cybersecurity Engineer to join their dynamic team.
Aprio operates a dedicated regulated cloud environment to support Controlled Unclassified Information (CUI) and meet CMMC requirements. This role is hands-on and execution-focused: you will implement, operate, and continuously improve the security controls that protect the CUI boundary and keep the environment audit-ready.
You will support the day-to-day security engineering and operations for Aprio’s CMMC-aligned regulated cloud environment. You’ll take architecture standards and compliance requirements and turn them into reliable configurations, repeatable deployments, measurable control health, and clean evidence.
Position Responsibilities:
- Security control implementation: Implement and operate security controls across identity, network, compute, storage, key management, endpoint security, logging, and monitoring within the CUI boundary.
- Access and privilege management: Administer role-based access, privileged access workflows, MFA/conditional access enforcement, service account governance, and secrets/cert lifecycle tasks.
- Configuration baseline and hardening: Apply and maintain secure configuration baselines for in-scope systems and services. Investigate drift, remediate misconfigurations, and document exceptions with approvals.
- Logging and detection operations: Ensure required logging is enabled and flowing to centralized monitoring. Help tune detections, investigate alerts, and support incident response procedures specific to the CUI environment.
- Vulnerability and patch execution: Run vulnerability scans (or validate results), track remediation, coordinate patching, and verify closure. Manage remediation SLAs and support risk-based prioritization.
- Change control support: Participate in change reviews for CUI-scoped systems, assess security impact, implement approved changes, and validate post-change security posture.
- Evidence collection and audit readiness: Produce and maintain audit evidence (config snapshots, access reviews, logging verification, vulnerability reports, change records). Keep evidence organized, complete, and easy to validate.
- Automation and reliability: Build lightweight automation to reduce manual work (repeatable deployments, configuration validation, evidence collection) and improve consistency without introducing risk.
- Partner enablement: Support IT and delivery teams working inside the boundary by providing secure implementation guidance, troubleshooting, and clear “how-to” documentation.
What success looks like:
- First 30–60 days: You can operate the environment safely, understand the boundary, and execute core security tasks (access, logging, vuln/patch, evidence) with minimal supervision.
- By 90 days: Control operations are predictable: low drift, reliable logging, consistent remediation cadence, and clean evidence artifacts that map to control outcomes.
- By 6–12 months: You’ve helped reduce manual effort through repeatability and automation, improved control health metrics, and strengthened day-to-day operational resilience.
Required Qualifications:
- 4+ years in security engineering, cloud engineering, or security operations with hands-on responsibility for implementing controls.
- Experience working in regulated or compliance-driven environments (CMMC, NIST 800-171, NIST 800-53, FedRAMP-aligned environments, SOC 2, ISO 27001, or similar).
- Strong fundamentals in identity and access management, network segmentation concepts, encryption/key management basics, and centralized logging/monitoring.
- Experience executing vulnerability management and patch workflows (scan, prioritize, remediate, validate).
- Ability to write clear operational documentation and produce defensible evidence artifacts.
- Strong collaboration skills with the ability to work across Security, IT, and delivery teams.
Preferred qualifications:
- Experience supporting a CMMC assessment or maintaining controls mapped to NIST 800-171.
- Familiarity with incident response processes and maintaining chain-of-custody and evidence handling in regulated contexts.
- Experience with infrastructure-as-code or scripting for automation (e.g., Terraform/Bicep equivalents, PowerShell, Python).
- Security certifications (one or more): Security+, SSCP, GSEC, or cloud/security engineering equivalents.
The application window is anticipated to close on March 10, 2026 and may be extended as needed.
Why work for Aprio:
Whether you are just starting out, looking to advance into management or searching for your next leadership role, Aprio offers an opportunity to grow with a future-focused, innovative firm.
Perks/Benefits we offer for full-time team members:
- Medical, Dental, and Vision Insurance on the first day of employment
- Flexible Spending Account and Dependent Care Account
- 401k with Profit Sharing
- 9+ holidays and discretionary time off structure
- Parental Leave – coverage for both primary and secondary caregivers
- Tuition Assistance Program and CPA support program with cash incentive upon completion
- Discretionary incentive compensation based on firm, group and individual performance
- Incentive compensation related to origination of new client sales
- Top rated wellness program
- Flexible working environment including remote and hybrid options
What’s in it for you:
- Working with an industry leader: Be part of a high-growth firm that is passionate for what’s next.
- An awesome culture: Thirty-one fundamental behaviors guide our culture every day ensuring we always deliver an exceptional team-member and client experience. We call it the Aprio Way. This shared mindset creates lasting relationships between team members and with clients.
- A great team: Work with a high-energy, passionate, caring and ambitious team of professionals in a collaborative culture.
- Entrepreneurship: Have the freedom to innovate and bring your ideas to help us grow to become the CPA firm of choice nationally.
- Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement.
- Competitive compensation: You will be rewarded with competitive compensation, industry-leading benefits and a flexible work environment to enjoy work/life balance.
EQUAL OPPORTUNITY EMPLOYER
Aprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law.
Aprio, LLP and Aprio Advisory Group, LLC, operate in an alternative business structure, with Aprio Advisory Group, LLC providing non-attest tax and consulting services, and Aprio, LLP providing CPA firm services.
Top Skills
Cmmc
Fedramp
Iso 27001
Nist 800-171
Nist 800-53
Powershell
Python
Soc 2
Terraform
Similar Jobs
Artificial Intelligence • Software • Cybersecurity
The Senior Sales Engineer will lead technical sales discussions, design solutions, mentor junior engineers, and represent the company at industry events.
Top Skills:
AICybersecurityMl
Artificial Intelligence • Productivity • Software • Automation
As a Full Stack Engineer at Zapier, you will develop and maintain full-stack features for billing, payments and subscription services, collaborating across teams for performant user experiences.
Top Skills:
AWSDjangoJavaScriptPostgresPythonReactRedisTypescript
Cloud • Computer Vision • Information Technology • Sales • Security • Cybersecurity
The Technology Resilience Principal will lead resilience functions, driving strategies for technical resilience across systems, ensuring service reliability, and disaster recovery.
Top Skills:
Application ResilienceChaos EngineeringCloud-Native EnvironmentsEnterprise Disaster RecoveryInfrastructure RedundancyMonitoring Platforms
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
