Systems Engineer - Principal I

Our client is supporting a U.S. Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment including introducing new cyber capabilities to address emerging threats.

The Senior Cloud Security Architect must display superb understanding and be knowledgeable with a multitude of technologies to include; AWS, SIEM, firewalls, web application firewalls, VPNs, DNS, Data Loss Prevention, IDS/IPS, and proxies, to name a few. Develops security systems for any manual or automated systems environments. Responsible for ensuring the logging of mission and organizational data against unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification. The successful Senior Cloud Security Architect will be comfortable working with a variety of different tools and appliances, security problems, and troubleshooting various complex issues.

The successful candidate applies current analytical and logical thinking to the design, architecture, development, evaluation, testing, and integration of computer systems, appliances, and networks involving the architecture and implementation of Cyber Security tools in a hybrid environment. Attention to detail, honesty, out of the box thinking with a problem-solving mindset, be able to work under pressure, and be able to deliver on tight delivery schedules are recommended soft skills.

Required Skills:
An active Secret security clearance is required with the eligibility to obtain a TS/SCI. TS/SCI is preferred.
Must be able to obtain DHS suitability prior to starting employment
This is a hybrid position
8+ years of directly relevant experience.
Must have hands-on experience with AWS and Linux in a production environment.
Knowledge of Federated Identity, RBAC, authentication & authorization solution, etc.
Working Knowledge of secure-cloud configuration, (e.g., CloudTrail, AWS Config), cloud-security technologies (e.g., VPC, Security Groups) and Access Control (IAM).
Hands on experience with security, such as NGFW, WAF, SIEM, endpoint security.
Ability to work in a fast-paced agile environment
Experience and/or familiarity with the following network protection devices: Firewalls, intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
Manage technology roadmaps with each product and propose briefs and reports to elaborate on recommended actions based on best practices
Support system accreditation efforts (ATP, ATO) by generating Risk Management Framework (RMF) artifacts

Desired Skills:
Familiarity with one or more of the following: RSA Security Analytics (NetWitness), Symantec Bluecoat, CyberArk, ForeScout CounterAct, McAfee ePO, CrowdStrike, FireEye, Cisco FirePower (SourceFire), RedSeal, SecureSphere Imperva, Tenable Nessus, Splunk, PKI, chain of trust, and certificates.
Understanding and application of DoDAF and Model Based System Engineering (MBSE)

Required Education:
BS Computer Science, Computer Engineering, Computer Information Systems, OR Computer Systems Engineering. Two years of related work experience may be substituted for each year of degree level education.