Sr. Staff Security Engineer
- Washington D.C., District Of Columbia -
Seeking a Sr. Staff Security Engineer
Location: Washington D.C.
Salary: $140, 000 – $160, 000
- Seeking a seasoned cyber security engineer with proven understanding in enterprise security focused on building tool sets and processes to support the Information Security Program (ISP).
- This role will be a driving force behind the adoption of new security technologies rooted in behavioral analytics and machine learning.
- The successful candidate will be a subject matter expert with hands-on experience in a wide range of cloud technologies, tools and methodologies.
- As a Cyber Security Engineer, you will apply your experience and expertise to better the overall security posture by working across teams, business units, and project managers to further the security strategy and address security concerns.
- Foster a security-centric and consultative relationship with the business, mine sites, and other IT teams.
- Provide consultation, architecture to project teams on security best practices and security design requirements.
- Design, implement, and manage security practices and solutions for servers, infrastructure, workstations, mobile devices, and industrial control systems, perimeter defense, and other common enterprise technologies.
- Manage logging and analytics, firewalls, IPS, AV, spam and URL filtering, and other security-specific tools.
- Manage security practices and protection for end-users, including email, web access, anti-virus, and other common endpoint solutions.
- Approve and administer user accounts, permissions, and access rights.
- Conduct research on products, services, protocols, and standards to remain abreast of developments in the technology industry.
- Research, implement, and manage the security of cloud-based technologies.
- Conduct risk assessments, including vendor risk.
- Perform vulnerability scans and ensure appropriate remediation activities are fulfilled.
- Develop and deliver security training across the company.
- Bachelor’ s Degree in Computer Science or in “ STEM” Majors (Science, Technology, Engineering and Math)
- 8+ years’ experience in Information Technology
- 6 + years’ experience in Cyber Security engineering and support
- Must be willing to work out of an office located in Northern Virginia, DC Area
- Minimum of 5 years of experience with detection technologies (e.g. Snort, Suricata, Bro, netsniff)
- Minimum of 4 years of experience with scripting languages (e.g. Ruby, Python, Perl, and Powershell)
- Minimum of 2 years of experience with cloud technologies (e.g. AWS, Azure, OpenStack)
- Minimum of 1 year of experience with secure development life-cycles
- Minimum of 1 year of experience with identity management and authentication
- 5-7 years of experience administering Windows and Unix-like operating systems (e.g. Linux, OSX)
- 5-7 years’ experience administering orchestration tools such as Puppet, SALTStack, Chef, or Ansible
- Experience in computer security incident response, including forensic investigations and chain of custody
- Experience with CheckPoint (R80) and Cisco ASA firewalls.
- Experience with Cisco AMP and Cisco Email Security Appliances
- Experience with multifactor authentication mechanisms
- Experience with the Cisco networking technology stack, including VPN
- Experience in Enterprise logging, log analysis and correlation engines
- Nice to have familiarity with industrial control systems Cyber Security norms and standards (IEC62443, NERC-CIP, ANSSI, ISO 27k…)
- Prior experience working within an Agile framework (Scrum/Kanban)
- One or more Security Certifications or equivalent (CISSP, etc.)
- One or more Platform Certifications or equivalent (RHCE, LFCE, etc)
- Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
- Experience in securing cloud infrastructure such as AWS, Azure and alike (i.e., inspection, logging, WAF, VM)
- Experience in deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS), specifically within AWS, Azure and GCP
- Familiarity with data analytics and machine learning principles and techniques
- Knowledge of SIEM API integration techniques
- A comprehensive compensation package including bonuses, benefits, and stock purchase plans where applicable
- Access to a variety of career opportunities across locations
Due to the high volume of applications we typically receive, we regret that we are not able to personally respond to all applications. However, if you are invited to take the next step in the process, you will typically be contacted within 2 weeks of submitting your application.