Senior Security Engineer

Job Description

Job Description

Senior Security Engineer

SUMMARY :

We are looking for a highly talented, technical hands-on Senior Security Engineer to develop and implement strategies to protect computer systems, networks, and other digital assets from malicious attacks. To work with a team of IT professionals to design and implement new security measures or update existing ones. To leads the development of new security measures designed to patch holes and keep sensitive data safe.

DUTIES AND RESPONSIBILITIES :

• Develop, and integrate with other Cybersecurity workflow to include : ATO Intake, assessment, and Vulnerability Scanning process.
• Perform security reviews based on RMF controls compliance, clients, and security best practices.
• Provide security input on Cloud Center of Excellence (CCOE) and Cloud Advisory Council (CAC) agenda items by participating in technical working groups, providing security analysis, and providing recommendations.
• Performs architecture design reviews including configuration and log reviews, and perform network traffic analyses.
• Produces a SAR Report to include HVA's architecture strengths and findings.
• Design and deploy native Cloud security services in AWS, Microsoft Azure, and Google Cloud.
• Perform proof of value of Cloud-native, COTS, 3rd party, or opensource security capabilities by hands-on deploying and evaluating against security requirements.
• Develop scripts or code to perform Cloud Security assessments through Cloud native API or SDK.
• Develop enterprise cloud security blueprints to include security in Infrastructure as Code (IaC templates).
• Analyzing the impact of emerging technologies on existing security systems and identifying potential risks
• Research new and emerging security practices and capabilities such as AI / ML to address compliance and mitigate security risk.
• Improve Cloud Security monitoring to include ingestion of logs such as : API, application / database, and flow logs into SIEM.
• Increasing Cloud vulnerability coverage in the areas of Operating System (OS), application code, and Infrastructure level.
• Develop architecture for integrating findings into a centralized dashboard that allows product owners direct access to team's specific systems or cloud account findings.

Work with Cybersecurity Authorizations and Compliance Branch (CACB) to :

REQUIRED SKILLS :

EDUCATION :

Candidate must have a Bachelor of Science (or higher) in one of the following : computer engineering, computer science, information technology, or cyber security. The resume may reference another major, so long as the resume is clear that the degree addressed at a minimum one of the following : cyber security engineering, systems administration, information systems security, software development security, systems engineering, information systems or information technology.

CERTIFICATIONS :

Certified Information Systems Security Professional (CISSP) is required. Certifications to include one or more of the following : Certified Cloud Security Professional, AWS Certified Solutions Architect Associate, AWS Certified Security Specialist, Microsoft Azure Solutions Architect, Google Professional Cloud Architect.

CLEARANCE : Public Trust

WORK LOCATION & CORE HOURS :   Washington, D.C. - Metro area, Full - Time