Sr. Security Engineer
- Job Title: Sr. Security Engineer
- Location: Washington, DC
We are hiring! Our client is a rapidly growing information security and information technology company in Washington, DC. We are looking to hire a Senior Security Engineer to provide a full range of Cybersecurity services on a long-term contract in Washington, DC. The position is full time/permanent and will support a US Government civilian agency. The position is available immediately upon finding a qualified candidate with an active TS clearance.
Please APPLY by sending an updated resume and target salary. We look forward to hearing from you!
Location: Remote, but the candidate must live in the Washington, DC area.
- The Security Engineer shall design, implement, and maintain IT security systems to protect the agency's digital assets from malicious cyber attacks. The Security Engineer is responsible for documenting all security-related information, including incident response and disaster recovery plans, as well as supporting the education of users on proper security protocols.
- The Security Engineer is expected to recommend specific measures, process improvements and best practices that can improve the agency's overall security posture.
- The Security Engineer is expected to implement, configure and administer SIEM and IDS products to ensure proper visibility into the environment and compliance requirements.
- The Security Engineer will take a lead role in the Cyber Security Incident Response Team and will employ strategy, standards, processes and technology to detect, respond to and recover from security incidents, and to limit the impact of any such occurrence or recurrence by using risk-based triage.
- The Security Engineer will work with various internal teams to identify gaps and expand coverage of endpoints, logging and network tooling to improve monitoring and response capabilities, including collaboration with Infrastructure and Operations team on solution design recommendations.
- The Security Engineer will investigate, triage, contain, and mitigate complex cybersecurity events and incidents using various cyber security tools such as IDS, EDR, SIEM and CASB.
- The Security Engineer will create and tailor IDS rule sets, policies and signatures and/or SIEM alerts to the agency network environment and systems.
- The Security Engineer will configure and maintain cloud monitoring technologies to support infrastructure as a service (IaaS) and software as a service (SaaS) deployments.
- The Security Engineer will review threat intelligence reports and feeds, make recommendations and lead implementations for profile or toolset changes based on reviews.
- The Security Engineer will conduct trending and correlation of multiple cyber intelligence sources for the purposes of indicator collection, identifying shifts in TTPs, attribution and establishing countermeasures to increase cyber resiliency.
- Experience in administering, configuring and tuning endpoint protection systems such as VMware Carbon Black.
- Possess a breadth of knowledge and experience across the information security domain such as Endpoint Security, SIEM, IDS/IPS, Packet Capture Analysis, Memory Analysis, Identity Management, Vulnerability Management, Incident Response, and Cyber Threat Intelligence.
- Experience in leading cyber-attack investigations and in working in similar Security Operations Center (SOC) environments, managing cases with enterprise SIEM or Incident Management systems.
- Experience with traditional firewall and Web Application Firewall (WAF) technologies.
- Hands-on experience analyzing and responding to security events, such as conducting log analysis, developing queries and analytics, troubleshooting security issues, and correlating diverse data sets.
- Experience with vulnerability management tools such as Tenable.SC, Tenable.IO, and Nessus.
- Experience with Security Onion, Elasticsearch, Logstash, Kibana, Volatility, Microsoft System Monitor (Sysmon) and Microsoft Advanced Threat Analytics (ATA).
- Experience with cloud deployments (AWS, Azure, Salesforce, and general IaaS, SaaS, PaaS deployments) with a focus on security.
- Knowledgeable in PowerShell and Python or other scripting languages for system automation.
- Familiarity with government security standards (NIST, FISMA, DHS 4300, etc.).
- Excellent customer relation skills.
- Excellent communication skills.
- Excellent problem-solving ability.
- GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH) and Certified Information Systems Security Professional (CISSP).
- Bachelor of Science degree in computer science, programming, information systems, or a related discipline.
- 5+ years of experience in the Information Security, Network Security, or Cyber Security domain.
- Active Top Secret clearance.