Senior Security Engineer

Tria Federal

52d

About The Position

As a Softrams, a Tria Federal company, Senior Security Engineer/Analyst you will be working on multiple projects facilitating security operations including Web Applications, Infrastructure Scanning / Auditing, Log Monitoring, and CDN Activity. Softrams utilizes industry standard tools and follows an Agile framework. Softrams, a Tria Federal company, is seeking a passionate Senior Security Engineer/Analyst that supports transition and maintenance of required federal program security documentation and security processes. As a Security Engineer/Analyst, you will be responsible for Security Operations Monitoring and Management SOPs, vulnerability monitoring and reporting, security risk tracking, assessment, and reporting. The CISSP with experience on FedRAMP applications and ATO processes is required. An AWS certification and security experience from multiple AWS projects is highly preferred.

Requirements

Proven work experience as a system security engineer or information security engineer.
Thorough knowledge of NIST 800-53 controls, ATO processes, and FedRAMP systems.
Required to maintain ATO for systems and perform during annual Adaptive Capabilities Testing (ACT).
Thorough understanding of the latest security principles, techniques, and protocols.
Experience with Kali, Linux, and Windows Operating Systems.
Knowledge of static and dynamic code testing.
Experience in building and maintaining security systems.
Detailed technical knowledge of database and operating system security.
Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
Experience with network security and networking technologies and with system, security, and network monitoring tools.
Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols.
Problem solving skills and ability to work under pressure in a fast-paced environment.
Familiarity with Cloud Computing Platforms (AWS, Azure, Google).
Proficiency with Nessus, Burp Suite, ZAP, and OWASP.
Writing scripts with Python, Bash, and PowerShell.
Experience with Splunk, Salesforce, AppOmni, and AWS -> They need to showcase they have experience managing integrations with these software packages and can work without supervision to complete assigned tasks.
CISSP
Public Trust Clearance: This role will require the hired candidate to go through public trust clearance. A minimum of 3 years of stay in the U.S. within the last 5 years is required to be eligible to qualify for public trust clearance sponsorship.

Nice To Haves

AWS Security Certification
Certified Authorization Professional (CAP)
Certified Ethical Hacker (CEH)
Certified Network Defense Architect (CNDA)

Responsibilities

Engineer, implement, and monitor security measures for the protection of computer systems, networks, and information.
Identify and define system security requirements.
Design computer security architecture and develop detailed cyber security designs.
Prepare and document standard operating procedures and protocols.
Configure and troubleshoot security infrastructure devices.
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
Ensure that the company knows as much as possible, as quickly as possible about security incidents.
Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
Video documentation of Proof of Concept or Vulnerability Exploitation.
Maintain ATOs and all security documentation, including, but not limited to: SSP, CP, ISRA, TableTop Exercises, and PIA