Sepio Security Engineer

About The Position

Requirements

• A Bachelor's degree in Computer Science, Information Technology, or related field and 8-12 years of experience. Additional experience may be considered in lieu of a degree
• 3+ years of experience in system security engineering, network security, or a related field, with hands-on experience in security technologies such as firewalls, IDS/IPS, and endpoint protection solutions.
• Strong knowledge of security principles, best practices (NIST, ISO 27001), and networking concepts/protocols (TCP/IP, VLANs, VPNs).
• Excellent analytical and problem-solving skills, with the ability to troubleshoot complex issues in both on-premise and cloud deployments.
• Strong written and verbal communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.

Nice To Haves

• Experience working with Nucleus or TVM
• Experience working in AWS and Azure
• Experience working with CrowdStrike or RelativityOne is a plus

Responsibilities

• Sepio Platform Management: Design, deploy, configure, and optimize the Sepio Asset Risk Management (ARM) solution to identify, detect, and handle all peripheral devices within the infrastructure.
• Rogue Device Mitigation: Develop and implement robust policy enforcement mechanisms to automatically detect and block unauthorized or rogue hardware devices based on physical layer data characteristics.
• Security Architecture: Collaborate with IT and network engineering teams to integrate security controls into the overall system architecture, ensuring a defense-in-depth strategy.
• Vulnerability & Risk Assessment: Conduct thorough risk assessments and vulnerability analyses to identify potential security weaknesses, prioritizing findings for remediation and recommending mitigation strategies.
• Monitoring & Incident Response: Monitor security systems for irregular behavior and participate in incident response activities, including investigation, containment, and recovery efforts related to hardware and network anomalies.
• Policy Development: Develop, document, and maintain security policies, procedures, and standards to ensure compliance with industry regulations and best practices.
• Collaboration & Training: Work closely with cross-functional teams (e.g., Product, Support, Engineering) and provide guidance and training to staff on security best practices and the effective use of security tools.
• Documentation and reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task order
• Define system security & design requirements to meet FISMA and FedRAMP compliance standards
• Provide follow-up reports (technical findings, feedback, resolution steps taken) for Root Cause analysis, engineering technical assessment and process improvement initiatives