Sr. Systems Security Engineer

AnaVation•Washington, DC

4d•Onsite

About The Position

AnaVation is looking for a Sr. Systems Security Engineer/System Administrator to assist the customer with engineering and administration tasks. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members. This position requires a Public Trust. This position is on-site in Washington, DC.

Requirements

5-10 years of experience in information system engineering and configuration management.
5 years of experience in control implementation and secure system engineering or design.
Excellent communication skills.
Hands on experience with: Security monitoring and evaluation, including audits, assessments, and risk management
SIEM tools (e.g., Splunk)
Vulnerability Scanning tools (e.g., Tenable, Nessus)
EDR tools (e.g., Crowdstrike)
Active Directory administration
Virtualization platforms
SCCM
Expertise in batch, bash, and/or PowerShell scripting
Able to deliver and present security compliance to a wide range of audiences (i.e., system owners, division leadership).
Server virtualization - design solutions and configuration (VMWare, VSphere, Hyper-V, etc)
Experience with: Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases
Agile Methodologies
GRC Tools (e.g., CSAM)
Strong desire to learn, grow and is highly motivated.
Certifications: OS specific certifications, Security +
Personnel assigned to this task shall possess a blend of strong technical skills (networking, operating systems, security tools, programming, encryption) and essential soft skills (problem-solving, critical thinking, communication, collaboration) to design, implement, and maintain an information system’s security control implementation.

Nice To Haves

Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP
Networking experience

Responsibilities

Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications.
Perform system administration tasks to include patching, audit log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance.
Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles.
Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs.
Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF).
Conducting, configuring, and managing vulnerability scans.
Conducting vulnerability remediations, patching, and system hardening.
Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls.
Support security assessments, audits, and accreditation/authorization (ATO) activities.
Document security configurations, engineering solutions, and compliance evidence.
Troubleshoot and resolve security-related technical issues in a timely manner.
Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans.
Providing Incident Response (IR) activities include triage, investigating, interviewing, resolving, and reporting on events.
Promoting information security awareness across the program, ensuring security controls and processes are implemented.
Presenting vulnerability analysis to system owners, and leadership.