Senior Cyber Security Engineer

				Overview:

GovCIO is currently hiring for a Senior Cyber Security Engineer with an active TS/SCI clearance in Washington, DC (4 days onsite, 1 day remote). 

Responsibilities:

* Subject matter expert for the organization in security standards and best practices
* Regularly perform security audits, vulnerability analysis, and provide reports.
* Configure Tenable, Sonarcube, and Gitlab applications
* Generate and decipher Splunk reports
* Architect, design & implement Zero Trust solutions
* Infuse Zero Trust design principles across all pillars in a Zero Trust model (e.g. Users, Devices, Networks, Applications, Data, etc)
* Assess, and recommend scalable, flexible, and resilient cloud architectures incorporating IT security and safeguarding requirements
* Develop best practices and security standards for the organization
* Coordinate with appropriate organizational stakeholders to ensure Zero Trust and Gen AI are both implemented broadly, end-to-end across customer environments
* Suggest and implement Cyber Security architecture improvements
* Support the design and implementation of the client provided Privileged Access Management (PAM) system (currently CyberArk)
* Troubleshoot where necessary and install and develop new plug-ins and connectors for PAM solutions
* Document technical processes and procedures and provide revisions of support documents as necessary
* Review and influence new and evolving design, architecture, standards, and methods for security infrastructures, vulnerabilities, and networking at scale
* Design monitoring and alerting capabilities for anomalous activity in client systems
* Develop, maintain and troubleshoot scripts to facilitate the integration and automation of security requirements throughout DevSecOps activities
* Review and recommend improvements in Enterprise Audit sharing agreements, processes, and technologies between client and other federal agency systems
* Review and recommend updates to the Enterprise Audit Strategy and develop an Enterprise Audit dashboard

Qualifications:

* Bachelor's with 8+ years of cyber security engineering experience (or commensurate experience)
* Preferred 10 years of security engineer experience
* Experience working in an enterprise infrastructure security and engineering role
* Previous experience (at least 4 years) with performing security engineering in a cloud environment, specifically supporting AWS
* Hands on knowledge of Zero Trust technologies covering IAM, User devices, software, and Encryption
* Hands on experience with Insider Threat Management, Privileged User Management and metrics generation  
* Required certifications: AWS, CISSP, Scrum
* Desired certifications: Azure, Security+, GSEC, GPEN, CEH, or Pentest+
* Basic programming knowledge
* Linux, system administration, networking, and cloud proficiency
* Basic penetration testing knowledge
* RMF and Well-Architected Framework proficiency
* Proficiency in Tenable, Splunk, Sonarcube, Gitlab and equivalent products.
* Proficiency in static code analysis
* Knowledge of NIST SP 800-207 Zero Trust Architecture, NIST AI-600-1, Artificial Intelligence Risk Management Framework: Generative Artificial Intelligence Profile, NIST Cybersecurity Framework (CSF), and the 18 main controls identified in the Center for Internet Security (CIS) Critical Security Controls.
* DOD STIG/CIS Benchmark proficiency
* Understand the full security engineering lifecycle from requirements to deployment
* Knowledge of IaaS, PaaS and SaaS architectures
* Excellent oral and written communication skills with customer, team, and leadership
* Strong planning and organizational skills. Detail oriented, decisive and goal oriented to consistently exceed objectives
* Clearance Required: Active TS/SCI clearance
			

Apply

Share this job:

Share this Job

View company profile

GovCIO LLC

Connect To Our Company