Security Engineer

About The Position

Requirements

• CISSP certification, current and completed.
• Microsoft Certified Security Operations Analyst Associate.
• U.S. Citizen able to obtain a security clearance (public trust level 5).
• Experience in a Federal Azure Cloud environment.
• Familiar with security tools: Azure Sentinel, Azure Log Analytics, Microsoft Defender, BURP, SQL Databases.
• Experience with PowerShell.
• Bachelor’s Degree in Information Systems, Management Information Systems, or a related field.
• Knowledgeable of operating systems, LANs, and WANs/MANs.
• Demonstrated knowledge and experience with applicable security regulations and standards.

Nice To Haves

• Familiar with Security policies and practices within the Federal Government cloud environment.
• Familiar with FedRAMP requirements.
• Familiar with security industry best practices and standards such as SANs 18, OMB M-21-31 Logging requirements, Zero Trust in Azure, DISA SITG requirements for Windows Virtual Machines, Microsoft Purview for data governance, TIC 3.0 Logging requirements.

Responsibilities

• Ensure all applications are configured and maintained based on FISMA Standards.
• Complete Security Scans of the applications and deliver reports based on the scans.
• Update POAMs based on the scans and issues, resolve/implement and/or work with the IT team to address issues/vulnerabilities identified.
• Complete Annual Security Review – Coordinate, complete and deliver the annual security review.
• Test controls and complete updates as required based on the review.
• Deliver evidence and reports as required.
• Complete Annual Contingency Plan Test – Coordinate, complete and deliver the annual Contingency Plan Test.
• Maintain/update Security Documentation; respond to Security questions/issues.
• Prepare and deliver required FISMA Documentation, i.e., System Test Plan, Risk Assessment, Policies, Configuration Management Plan, Contingency Plan, etc. for recertification.
• Work with a 3rd party vendor designated by the client to complete scans of the applications.
• Review existing C&A paperwork, respond to questions on C&A paperwork submitted, resolve or make recommendations on how to address issues identified.
• Provide guidance on security policies, issues or questions that are identified.
• Review system changes and determine security impact and provide guidance.
• Ensure compliance with appropriate security standards and regulations.
• Implement/make recommendations to meet new security policies/requirements.
• Conduct analysis of system designs, processes, and procedures to document the applicable security controls in accordance with NIST 800-53 guidelines and requirements.
• Exhibit strong writing and editing skills, as well as the ability to work closely with all business areas to develop new and existing documentation.
• Aggregate, parse, rearrange, and revise current documentation according to security requirements, new standards, and formats.
• Create new documentation for processes, procedures, training materials, user guides, web-based content, release notes, internal and external presentations, etc.
• Document and implement a continuous monitoring strategy based on FISMA requirements.
• Use Azure Sentinel, Log Analytics and Microsoft Defender to monitor Azure logs and identify risks in real time.
• Write Kusto Query Language (KQL) queries for Azure Log Analytics and Azure Sentinel.
• Create and modify Azure Sentinel Workbooks, Hunting Queries, and Analytics Rules using KQL.
• Interpret web traffic data from cloud-based firewalls to identify risks and recommend configuration or rule changes.
• Work with a technical team to evaluate Microsoft Defender for Cloud configuration recommendations based on NIST 800-53 r5 blueprints.

Benefits

• Medical, Dental, Vision, and Life Insurance.
• 401(k) with company match.
• Paid Time Off.
• Paid Holidays.
• Flexible Spending Account (FSA) and Health Savings Account (HSA).
• Pet Insurance.