Senior Security Engineer

Zermount, Inc
Arlington, VA
Hybrid

About The Position

Zermount is looking for a talented Security Engineer who will provide technical hands-on services and compliance support to protect computer systems, networks, and other digital assets in various environments (on premises, cloud, and hybrid). The candidate will work with a team of professionals to design and implement new security measures or update existing ones. This role blends security engineering, Zero Trust implementation, ATO automation, and continuous monitoring optimization. The engineer will collaborate with other cybersecurity and IT professionals, product teams, system owners, and other stakeholders to strengthen security posture while enabling mission delivery.

Requirements

  • High level of attention to detail, needs minimal guidance, and communicates effectively both verbally and in writing.
  • Equally adept at operational and technical skills.
  • Able to adapt to new and changing requirements or priorities and manage work and resources accordingly.
  • At least 5 years of network, systems, applications, cybersecurity engineering or related discipline
  • Experience supporting federal civilian FISMA systems
  • Working knowledge of: NIST SP 800-53 Rev 5; RMF documentation processes; FedRAMP Moderate or High environments; continuous monitoring practices
  • Hands-on experience with AWS or Azure cloud security configurations
  • Experience preparing systems for audit or assessment.
  • Experience implementing security in Cloud (AWS required, Azure or GCP optional): Multi-Cloud, Hybrid Cloud, IaaS, PaaS, SaaS, shared responsibility model.
  • AWS IAM, KMS, S3, RDS, SNS/SQS, Organizations, GuardDuty, Security Hub, Detective, Config, CloudTrail, CloudWatch, Lambda.
  • Azure E3/E5, Active Directory, Blob, Azure Security Center, Key Vault, SSE, Monitor, Log Analytics, Policy.
  • Experience with DevSecOps strategy and implementation and designing architecture in accordance with RMF, CSF, FISMA, and FedRAMP.
  • Familiarity with: ZTA and SASE Framework, ICAM (OKTA), CWPP, SOC Operations, Vulnerability Threat Management, and Compliance.
  • Bachelor of Science (or higher) in one of the following: computer engineering, computer science, IT, or Cybersecurity.
  • At least one of the following certifications is required: CISSP, CASP+, CCNP Security, CISM, CSSLP, ISSEP/ISSAP or any other that is approved on the DoD 8140 (IAT) Level III or Information Assurance System Architect and Engineer (IASAE) Level II/III.
  • Public Trust

Nice To Haves

  • A cloud certification such as CCSP, AWS Certified Security - Specialist, or Google Professional Cloud Security Engineer is also preferred.

Responsibilities

  • Support the implementation of continuous authorization (cATO) model within DevSecOps environments.
  • Draft and refine technical SOPs supporting automated control validation
  • Assist with the implementation, configuration, monitoring and reporting of capabilities required to meet the client's cATO and A&A automation initiatives.
  • Contribute to development of repeatable security processes aligned to NIST and agency guidance
  • Assist in documenting remediation workflows and continuous monitoring procedures
  • Provide technical input to improve efficiency of ATO and ConMon processes
  • Develop and integrate with other cybersecurity workflows, including the ATO intake, assessment, and vulnerability scanning processes.
  • Perform security reviews based on RMF controls compliance, clients, and security best practices.
  • Conduct security reviews for initiatives and changes to the cloud infrastructure and systems. Security engineer is an active participant in the cloud technical working groups, providing security analysis, and providing recommendations.
  • Performs architecture design reviews, including configuration and log reviews, and performs network traffic analyses.
  • Produces a SAR Report to include HVA's architecture strengths and findings.
  • Designs and deploys native Cloud security services and capabilities in AWS, Microsoft Azure, and Google Cloud.
  • Performs proof of value of Cloud-native, COTS, 3rd party, or open-source security capabilities by deploying them hands-on and evaluating them against security requirements.
  • Develops scripts or code to perform Cloud Security assessments through Cloud native API or SDK.
  • Develops enterprise cloud security blueprints to include security in Infrastructure as Code (IaC templates).
  • Analyzes the impact of emerging technologies on existing security systems and identifies potential risks
  • Researches new and emerging security practices and capabilities such as AI/ML to address compliance and mitigate security risk.
  • Assists with the improvement of the client's cloud security posture, including monitoring ingestion of logs such as API, application/database, and flow logs into SIEM, and ensures maximum vulnerability scanning coverage.
  • Develops solutions for integrating findings into a centralized dashboard that allows product owners direct access to team's specific systems or cloud account findings.
  • Works with other teams to provide Cybersecurity analysis on proposed operations modifications, security impact assessments, provides tactical remediations, solutions and tradeoff assessments.