Senior Cybersecurity Engineer

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, or related field or five (5) years of federal information system security experience.
• Must have and maintain one or more professional certification(s) at the IAT III or IASAE III levels in accordance with DOD Instruction 8570: CompTIA Advanced Security Practitioner (CASP+) Certified Information Systems Security Professional (CISSP) CISSP-Information Systems Security Architecture Professional (ISSAP) CISSP-Information Systems Security Engineering Professional (ISSEP) Certified Cloud Security Professional (CCSP)
• Minimum of ten (10) years, fifteen (15) if no degree, of proven information systems program management experience
• Extensive, in-depth experience configuring, managing, and operating one or more SIEM tools such as Splunk and Crowdstike, including log management, analysis, and dashboard creation.
• Hands-on experience administering and troubleshooting a range of security infrastructure devices and tools, such as IDS/IPS (Intrusion Detection/Prevention Systems), endpoint security solutions, and antivirus software.
• Proficiency in using standard scanning tools like Nessus and managing vulnerability remediation.
• Ability to use scripting languages like Python, PowerShell, and Bash to automate tasks, build security tools, and enhance security controls.
• The ability to conduct technical assessments and audits on IT systems to identify security risks and ensure compliance.
• Capability to perform digital forensics, which includes investigating security incidents and recovering compromised data.
• A solid understanding and application of NIST Special Publications, including SP 800-53, SP 800-137, SP 800-171, and SP 800-37.
• Experience with the RMF (Risk Management Framework) and the NIST Cybersecurity Framework.
• Experience with auditing systems in local and cloud environments (AWS) according to federal guidelines. This includes managing and enforcing security compliance in general.
• The knowledge and ability to perform risk assessments, identify threats, evaluate potential impact, and develop risk mitigation strategies.
• Practical experience implementing security in hardware and software, along with familiarity with commercial cybersecurity products.
• Experience securing and auditing various operating systems, including Windows, Linux, and virtual environments.
• Knowledge of current and past cybersecurity threats and vulnerabilities, with the ability to conduct threat intelligence research.
• In-depth knowledge of cloud security, including industry architectures, management tools, and specific platforms like AWS and Azure. This includes managing virtual private clouds and security services.

Responsibilities

• Manage and operate SIEM tools for log analysis and dashboard creation.
• Administer security infrastructure, including IDS/IPS, endpoint security, and antivirus.
• Configure and manage firewalls, routers, and network segmentation in hybrid environments.
• Use tools like Nessus for vulnerability scanning and remediation.
• Automate security tasks and controls using scripting languages like Python and Bash.
• Conduct technical security assessments, audits, and digital forensics.
• Apply NIST frameworks (SP 800-53, SP 800-137, SP 800-171, RMF) and federal guidelines.
• Perform risk assessments and develop mitigation strategies.
• Implement and audit security controls across Windows, Linux, and virtual environments.
• Conduct threat intelligence research on current cybersecurity vulnerabilities.
• Manage cloud security, including AWS and Azure platforms.

Benefits

• 20 Days PTO + 40 Hours of Paid Sick & Safe Time
• 11 Federal Holidays + 2 Corporate Holidays
• Health, Vision, Dental, and Life Insurance
• 401(k) with Tiered Match & 100% Vesting
• Parental Leave for Birthing and Non-Birthing Parents
• Professional Development Reimbursement Program