Updated 29 days ago

Cyber Security Engineer with Security Clearance

Washington, DC 20001
Full-time, Part-time
Cyber Security Engineer ~ Cloud Location: Reston, VA or Washington, DC
Clearance: TS/SCI with the ability to obtain and maintain a CI polygraph Responsibilities: • Plan, research, design and model robust Enterprise Security Architectures for systems hosted on traditional data centers and on cloud providers such as Amazon Web Services (AWS), Microsoft Azure, etc. • Develop security engineering requirements, procedures and policies for on-prem, cloud/container-based systems • Conduct applied security research on security standards, authentication tools and protocols in support of cloud/container-based systems using Identity and Access Management (IdAM) systems using public key infrastructures (PKIs) and PKI-Enabling (PKI/E) technologies • Identify COTS/GOTS Systems integration issues, security control implementation deficiencies and recommend enhancements to bolstering security posture • Acquire a complete understanding of a customer's technology and information systems • Perform vulnerability testing, risk and security assessments using penetration tester mindset • Conduct in-depth security engineering reviews and approve proposed systems/application security control implementations used for systems hosted in cloud/container-based providers such as AWS, Azure, OpenShift and Kubernetes • Provide technical supervision for (and guidance to) a security team • Oversee security awareness programs and educational efforts • Test final security structures to ensure they behave as expected • Deliver technical reports and formal papers on test findings
 Key Skills: • Consulting and professional services using Agile and DevOps methodologies • Security Research and Development (R&D) • Infrastructure Automation tooling to building and delivering secure systems delivery chain • Cloud and container security penetration and vulnerability testing • Networking, firewall and intrusion detection/prevention protocols • Computer Network Defense, ethical hacking and threat modeling • Identity and access management principles using PKI and PKI/E • Application security and encryption technologies • Enterprise system and security engineering and architecture • Implementing Risk Management Framework (RMF) in high-risk network environment • Practices and methods of IT strategy, enterprise architecture and security architecture • Familiarity with serverless technologies AWS Lambda, API Gateway, Azure Functions, Azure API Management • Familiarity with DevOpsSec concepts and system delivery implementations and patterns
 Key Technology Familiarity: • Hardening Operating Systems (OS) such as Windows, UNIX and Linux • Cloud security implementations using providers AWS and Azure • Container-based security implantation using Kubernetes, OpenShift and Docker • Database security in relational (MySQL/MsSQL) and non-relational (MongoDB) platforms • Network security enforcement points Cross Domain Solutions, Firewall, IDS/IPS, Network Access Control and Network Gateways • Configuration Management tools such as Git, GitLab, GitHub, Bitbucket • Virtualization technologies from VMware, Microsoft and Red Hat • Encryption technologies and standards • DevOps tools such as SaltStack, Terraform, Puppet, Ansible, Chef, • Infrastructure Cloud formation, YAML, JSON, Bash, Python, or other programming languages • Technical project management tools such as ServiceNow and Jira • Pentesting platforms such as Kali, burp, metasploit • Vulnerability management tools such as Twistlock, NuVector, PureSec, jFrog, x-ray • CND tools such as Splunk (Enterprise Security, UBA, and Phantom) and Elastic (Elastic Search, LogStash, Kibana, etc.)
 Requirements: • Bachelor's Degree in Computer Science, Software Engineering, Systems Engineering, Information Systems or a related technical discipline with 5+ yrs. of related work experience; an additional 4 years of work experience may be substituted in lieu of a degree • Strong knowledge of PKI and PKI-Enabling technologies • systems architecture/engineering supporting data science projects a plus • Excellent written and oral communication skills a must, with the ability to work independently or as a member of a team; must be comfortable working with personnel on all levels of an organization • Must possess current DoD 8570 IAT III certification or be able to obtain within 90 days of start date • Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph
Posting ID: 602926569Posted: 2021-08-21Job Title: Cyber Security Engineer Security