Responsibilities:
The following duties and responsibilities include performing hands-on administration of technologies, logically designing security solutions, and authoring engineering documentation (including project plans, requirements, risks, schedules, and other documents required as part of a formal Project Management process). Specific responsibilities shall include, but are not limited to, the following:
- Author / amend the Security Engineering program document to serve as the primary tool for designing the ideal Security Engineering program for the Information Security Branch.
- Support the implementation of a formal Security Engineering program with a variety of product types (e.g., project plans, system designs, network diagrams, formal requirements, test cases, user stories, use cases, standard operating procedures).
- Document the network in the form of a network architecture / diagram.
- Support the design and implementation of a robust security infrastructure that protects data and systems from internal and external threats.
- Support the maintenance and management of security tool sets. This might include tasks such as upgrading software, applying patches, and configuring settings to ensure the toolset is operating effectively and efficiently.
- Research new security capabilities and recommend solutions that can be employed within the infrastructure. This could involve identifying new technologies that could help improve the security posture and making recommendations for their implementation.
- Support the implementation of a Zero Trust architecture. This might include enhancing identity and access management controls, improving network segmentation, and ensuring sufficient logging and visibility across assets.
- Support the evaluation of the current technology stack and propose opportunities for improvement (e.g., use current technology better, consolidate technology).
- Build dashboards, detection techniques, and other cybersecurity approaches to monitor and defend the assets from both external and internal threats.
- Evaluate security engineering plans and document recommendations. This could include providing advisory services on designs proposed by others or amending designs to include and/or enhance security defenses.
- Attend meetings as required, take meeting notes / minutes, and capture action items on behalf of the Cybersecurity Operations Unit and provide that information back to the team.
Requirements:
- At least 5 years of experience performing the functions associated with this labor category.
- Experience analyzing data to identify patterns and anomalies that may indicate security threats or vulnerabilities.
- Experience assessing risk and developing mitigation strategies.
- Experience designing and implementing secure networks and systems in either local (on premises) or cloud computing solutions. This includes creating secure designs and integrating security appliances and technology into local, cloud, and/or hybrid networks. Highly desired experience includes the following: Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Data Centers.
- Deep understanding of security technologies, including firewalls, intrusion detection and prevention systems, identity and access management solutions, and encryption protocols. Highly desired experience includes the following: AWS security technologies, Microsoft Azure security technologies, Google Cloud, Cisco networking appliances, F5, Bluecoat, Palo Alto, VMware, CrowdStrike, Tenable, FireEye, Gigamon, Splunk, and other common enterprise security technology providers.
- Familiarity with relevant industry standards and regulations, as well as with software development standards and practices such as the Systems Development Lifecycle, project and program management principles, and Agile development methodologies. This includes, but is not limited to, the Project Management Institute’s Project Management Body of Knowledge (PMBOK) standards, the National Institute of Standards and Technology’s (NIST) Special Publication 800-160 Vol. 2 Rev. 1 “Developing Cyber Resilient Systems: A Systems Security Engineering Approach,” and NIST’s Cybersecurity Framework 2.0.
- Must complete two (2) technical writing submissions upon being chosen for the position
- 4 days per month of onsite work at the DC premises
Job Type: Full-time
Pay: $155,000.00 - $160,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Professional development assistance
- Referral program
- Tuition reimbursement
- Vision insurance
Schedule:
- 8 hour shift
- Monday to Friday
Application Question(s):
- If chosen for the position, can you demonstrate your technical knowledge and expertise by submitting two writing samples pertaining to the skillset of a Security Engineer?
Experience:
- Security engineering: 5 years (Required)
Ability to Commute:
- Washington, DC 20006 (Required)
Work Location: Hybrid remote in Washington, DC 20006