Senior Information Security Engineer
The Senior Information Security Engineer is responsible for maintaining the security and integrity of data. The security engineer must have knowledge of every aspect of information security within the company. They ensure that the development and implementation of security requirements and security practices are incorporated throughout the system engineering lifecycle and engineering maintenance of solutions, applications, products, information systems, and network environments to minimize risk. The Senior Information Security Engineer maintains currency on attack techniques being used by adversaries and countermeasures against any of the components being engineered into new or updated systems. They engineer and configure host and network firewalls, logging, and Intrusion Prevention Systems/Intrusion Detection Systems (IPS/IDS) at the highest appropriate level of security, and implement automated monitoring of configurations, patching, access controls and role delegations, application whitelisting, and other security measures to give system and network administrators daily actions to maintain the highest possible level of security and ensure that those actions are being performed. The Senior Information Security Engineer rapidly adjusts designs and program solutions based on new threat and attack information and ensures security components are included in new product releases. The Security Engineer applies software engineering methodologies, system/security engineering principles, secure design, secure architecture, secure coding, and system design and development techniques (e.g., scripting, programming, coding). While we would prefer candidates to be local to the DMV (Washington, DC area), we are open to a 100% remote option as well.
- The Senior Information Security Engineer should be familiar with the NIST Cyber Security Framework.
- Responsible for ensuring all networks have adequate security to prevent unauthorized access. Experience in configuring firewalls, access control lists (ACLs), Network IDS/IPS, Host IDS/IPS, DLP, etc.
- Produce compliance reports using the tools that would satisfy FISMA, CJIS and PCI compliance requirements.
- Provide engineering guidance in the outsourced MSSP operation of firewalls, intrusion detection systems, enterprise anti-virus and log monitoring tools (SIEM).
- Analyze organization's cyber defense policies and configurations and evaluate compliance with regulations and organizational directives
- Conduct and/or support authorized penetration testing on enterprise network assets
- Maintain deployable cyber defense audit toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense audit missions
- Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense auditing
- Prepare audit reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions
- Conduct required reviews as appropriate within environment (e.g., Technical Surveillance, Countermeasure Reviews)
- Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications)
- Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes)
- Implement security controls approved by management
- Apply and execute the appropriate systems engineering, program protection and certification-related policies, principles, and practices across all levels and phases of the development lifecycle to increase the level of confidence that a system functions as intended, is free from exploitable vulnerabilities, and protects critical program functions and information.
- Execute the program protection during development
- Analyze and assist engineering and program management with program protection requirements analysis.
- Identify the security architecture boundary and characterize the attack surface.
- Translate security controls and requirements into system specification requirements.
- Update program protection actions and strategies in the security plan.
- Implement system security solutions consistent with approved system security architectures.
- Obtain interim approval to test or approval to operate as appropriate for test.
- Coordinate and conduct system security and cybersecurity developmental test and evaluation.
- Employ procedures, methods, and tools for identifying, representing, and formally assessing the important aspects of alternative decisions (options) to make an optimum (i.e., the best possible) decision. Prepare decision analysis
- 10+ years of experience in information security
- Bachelor's degree or equivalent experience in an information technology or information security discipline.
- Certifications: CEH, CISSP, GIAC, CISA, CISM, SANS or equivalent certification required
- Experience with security controls for an Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS) cloud paradigms
- Experience working with leading firewalls (such as Juniper ScreenOS Firewalls, Cisco ASA, Sophos UTM) and intrusion detection technologies (SourceFire/Snort, Sophos UTM).
- Experience working with log monitoring and SIEM tools (McAfee Nitro, Splunk) and file integrity monitoring tools.
- Experience working with data loss prevention technologies and tools.
- Knowledge of securing servers (Linux and Windows), desktop systems (Win10) and networks (Cisco, Juniper, Netscreen).
- Experience applying security to virtual platforms.
- Knowledge of mobile security and MDM.
- Cloud security concepts and protection. Experience with AWS Security and IDM is a huge plus.
- Knowledge of common application vulnerabilities, current threat vectors and mitigations.
- Participate in the enterprise Incident Response Plan and participate in incident response activities.
- Ability to work in a team environment. Effective at working with matrix teams across the organizational structure.
We are an equal opportunity employer and value diversity. All employment is decided on the basis of qualifications, merit and business need.
Job Status: Full Time