Senior Security Engineer
Bethesda, MD – hybrid (2 days/week onsite)
US citizenship is required per government contract
Must be able to get Public Trust clearance
We are seeking a highly skilled Security Engineer to join our team, specializing in implementing secure and resilient infrastructural modifications and advanced IT security enhancements. In this role, you will manage ITIL–based configuration and change management framework, ensuring alignment with NIST SP 800–128 guidelines. Your responsibilities will include overseeing the deployment and maintenance of both cloud–based and on–premises infrastructure, utilizing next–generation cybersecurity strategies to optimize performance and security. If you possess these skills and are passionate about maintaining high security and compliance standards through innovative IT solutions, we encourage you to apply now.
Job Responsibilities:
- Design and implement secure infrastructural modifications, leveraging expert technical and systems engineering consultancy.
- Develop and manage a forward–thinking configuration and change management framework aligned with NIST SP 800–128 guidelines, utilizing automation and predictive analytics.
- Deploy and maintain a diverse array of computing and communication technologies, ensuring compliance with NIST standards.
- Strategically adhere to the Risk Management Framework to achieve Security Authorization objectives, enhancing institutional resilience.
- Provide primary support for critical network and security functions, including firewall management, IP address allocation, and incident response.
- Develop and maintain detailed documentation and testing protocols for cloud–based and on–premises server setups and configurations.
- Employ a detailed change management process aligned with NIH Configuration Management Plan, ensuring thorough review and security impact analysis.
- Optimize endpoint security using tools like HCL BigFix for real–time patch deployment and vulnerability management.
- Implement automation for security certificate processes and other security–related tasks to enhance efficiency and compliance.
- Implement AI–driven tools for proactive server and endpoint monitoring, enhancing security posture.
- Partner with security personnel for annual Contingency Plan and Incident Response testing, ensuring readiness and compliance.
- Produce comprehensive security reports and documentation for systems and software lifecycle phases, adhering to federal standards and guidelines.
- Implement Information Security Continuous Monitoring (ISCM) and mitigate identified security risks throughout the lifecycle.
- Maintain security requirements for cloud services, ensuring FedRAMP compliance, data jurisdiction, and interconnection agreements.
- Provide detailed documentation to support Security Assessment and Authorization (A&A) processes, including System Security Plans (SSP) and Security Assessment Reports (SAR).
Job Qualifications:
Required:- A bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field is often required. Some positions may prefer or require a master's degree for senior roles.
- 6+ years of experience in information security or related IT field.
- Relevant certifications demonstrate expertise and commitment to the field including CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CompTIA Security+, or CCSP (Certified Cloud Security Professional).
- Effective communication skills, both written and verbal, are crucial for documenting processes, explaining technical concepts to non–technical stakeholders, and collaborating with cross–functional teams.
- Analytical thinking, problem–solving abilities, attention to detail, and the ability to work under pressure are also important traits.
- Understanding of regulatory compliance requirements (such as HIPAA) and industry standards (ISO 27001, NIST frameworks) is beneficial.
Preferred: Federal Consulting Industry Experience Preferred
#J-18808-Ljbffr