Quadrant - Arlington, VA

posted 4 months ago

Full-time - Mid Level
Arlington, VA
Management of Companies and Enterprises

About the position

The Senior Cybersecurity Engineer position at Quadrant, Inc. is a critical role that requires a seasoned professional with extensive experience in cybersecurity engineering. The ideal candidate will have a minimum of five years of relevant experience, particularly in roles such as Information Systems Security Officer or Manager. This position demands a deep understanding of various cybersecurity tools, including but not limited to Splunk, CrowdStrike, ProofPoint, and Qualys. The successful candidate will be responsible for hardening servers, workstations, routers, switches, and mobile devices in accordance with established guidelines such as CIS or STIG. A solid grasp of NIST Risk Management Framework (RMF), NIST Cybersecurity Framework (CSF), and other IT compliance and privacy regulations is essential.

In addition to technical expertise, the role requires excellent analytical and problem-solving skills. The candidate must hold a certification in at least one of the following: CISSP, CASP, Splunk Enterprise Certified Admin, or GDSA. A Bachelor's degree in Computer Science, Mathematics, Information Management, or a related field is mandatory.

The Senior Cybersecurity Engineer will utilize their subject matter expertise to deploy, administer, and monitor security tools, ensuring the secure configuration of technical assets according to federal recommendations. The responsibilities include preparing monthly reports and dashboards that highlight vulnerabilities and configuration findings, providing remediation recommendations, and maintaining virus protection and SPAM utilities across all technology assets. The engineer will also perform security reviews of proposed applications and collaborate with key stakeholders to develop comprehensive security strategies. Furthermore, the role involves leading FISMA audit data gathering and response activities, reviewing security risk exceptions, and coordinating responses to directives issued by CISA. This position is integral to maintaining the agency's authority to operate (ATO) in compliance with federal FISMA requirements.

Responsibilities

  • Utilize subject matter expertise to deploy, administer, and monitor security tools such as vulnerability scanners, SIEM tools, Endpoint Detection and Response tools, Data Loss Prevention, and Phishing/Spam email filtering tools.
  • Provide uniform controls for the secure configuration of technical assets, including mobile computers and devices according to Federal recommendations and requirements.
  • Incorporate automated secure configuration tools into the security tools to verify the secure configuration of various technical assets.
  • Prepare monthly reports and dashboards that identify vulnerability and configuration findings, provide recommendations for remediation, and time frames for remediation activities.
  • Update and maintain virus protection and SPAM utilities on all capable technology assets.
  • Perform security reviews of proposed applications/technologies and changes to production applications/technologies to provide recommendations for security & privacy control requirements.
  • Collaborate with key customer stakeholders to formulate comprehensive security strategies and implementation procedures in response to findings.
  • Develop and maintain assessment and authorization artifacts needed for the agency's authority to operate (ATO) in accordance with federal FISMA requirements.
  • Lead FISMA audit data gathering and response activities.
  • Review and provide recommendations for security risk exceptions.
  • Review and develop security and privacy policies and procedures.
  • Review and coordinate response to CISA-issued Emergency Directives, Binding Operational Directives, and other data calls.

Requirements

  • 5+ years of Cybersecurity engineering experience.
  • Experience as an Information Systems Security Officer or Manager.
  • Experience with using cybersecurity tools such as Splunk, CrowdStrike, ProofPoint, and Qualys.
  • Experience with hardening servers, workstations, routers, switches, and mobile devices in accordance with CIS or STIG guidance.
  • Solid understanding of NIST RMF, NIST CSF, and similar IT Compliance and Privacy regulations.
  • Solid understanding of cloud security architecture within multiple cloud services (AWS, GCP, Azure).
  • Excellent analytical and problem-solving skills.
  • Certification in at least one of the following: CISSP, CASP, Splunk Enterprise Certified Admin, or GDSA.
  • Bachelor's degree in Computer Science, Mathematics, Information Management, or related field required.