Position: Sr. Security Engineer
Location: Chevy Chase, MD - Hybrid
Are you looking for a growth opportunity for a reputable company with a positive work environment? Our client is looking for a Sr. Security Engineer to join their team. Please contact us today to discuss this opportunity!
Job Responsibilities:
Develop and design robust systems, networks, and applications with a focus on security to mitigate cyber threats effectively.
Evaluate and suggest security technologies and tools to fortify the organization's security stance.
Deploy and oversee security information and event management (SIEM) systems to monitor and respond to security incidents.
Perform penetration testing and ethical hacking to identify and resolve vulnerabilities proactively.
Establish and evaluate compliance security configurations for hardware, software, and cloud services.
Offer expertise in security governance and compliance frameworks, such as CIS Benchmarks.
Create and maintain security documentation, including security policies and procedures.
Execute and report on internal and third-party Red Team, Purple Team, and Blue Team assessments and exercises.
Collaborate with Application and Development teams to ensure adherence to stringent security standards for both on-premises and cloud-based custom development.
Define, execute, and report on digital forensics procedures, policies, and outcomes.
Conduct regular tabletop exercises to assess and enhance incident response plan effectiveness.
Actively engage in Information and Cybersecurity initiatives, Bank Vulnerability Management, and Data Loss Prevention programs, including vulnerability remediation, threat research, and user security education.
Participate in change management processes for addressing threats or vulnerabilities.
Provide after-hours and weekend analysis as necessary beyond regular working hours.
Undertake other assigned projects as required.
Job Qualifications:
Bachelor's Degree from a 4-year accredited institution with a minimum of 4 years of related experience, or 8 years of Information Security experience.
At least 4 years of Cybersecurity Engineering or Architecting experience.
Cybersecurity certifications such as Certified Information Security Professional (CISSP), GIAC Defensible Security Architecture (GDSA), GIAC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), GIAC Certified Forensic Examiner (GCFE), and Offensive Security Certified Professional (OSCP).
Proficient experience with cybersecurity and network analysis tools, network topologies, intrusion detection methodologies, Windows systems, and preferably Linux systems analysis for evidence of compromise.
Familiarity with NIST SP 800-53, FFIEC Booklets, and Critical Security Controls requirements.
