ALTA IT Services - Herndon, VA

posted 5 days ago

Full-time - Mid Level
Hybrid - Herndon, VA
Professional, Scientific, and Technical Services

About the position

ALTA IT is seeking a Senior Security Engineer to play a critical role in designing, implementing, and maintaining a robust security posture to protect IT infrastructure and data from cyber threats. This hybrid role requires living within commuting distance of Herndon, VA, and involves a wide range of security activities including security architecture, threat detection and response, and security operations management. The engineer will collaborate with other teams to ensure security measures align with business objectives.

Responsibilities

  • Design and implement secure system architectures, controls, and procedures aligned with industry best practices and compliance frameworks.
  • Champion the integration of security considerations throughout the software development lifecycle (DevSecOps).
  • Stay informed on emerging security threats and trends to proactively improve security posture.
  • Oversee the implementation and tuning of security monitoring tools for effective threat detection and incident response.
  • Lead incident response activities, including investigation, containment, eradication, and recovery.
  • Develop and maintain security playbooks to ensure efficient incident handling.
  • Manage and maintain security processes, ensuring continuous operational readiness and system protection.
  • Provide technical and analytical leadership for evaluating and recommending new security tools and technologies.
  • Collaborate across the organization to integrate security initiatives with business objectives.
  • Mentor junior security team members on best practices and security tools.
  • Develop, implement, and maintain the organization's GRC framework to ensure compliance with industry standards and regulations.
  • Conduct risk assessments and analyze the potential impact on the organization's operations, making recommendations to mitigate identified risks.
  • Monitor and evaluate compliance with security policies, procedures, and regulatory requirements.
  • Prepare and present detailed reports on compliance status, risk assessments, and mitigation strategies to senior management.
  • Facilitate internal and external audits, ensuring all necessary documentation and evidence of compliance are readily available.
  • Stay updated on evolving regulatory requirements, industry standards, and best practices in GRC.
  • Provide training and guidance to staff on GRC policies and procedures to promote a culture of compliance within the organization.
  • Manage incident response processes and ensure timely reporting and resolution of security incidents.

Requirements

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
  • Minimum 5-8 years of experience in information security, focusing on security architecture, threat detection & response, and security operations management.
  • Experience with incident detection, response, and forensics.
  • Experience with design, delivery, and management of security information systems.
  • Strong analytical, problem-solving, and decision-making skills.
  • Excellent communication, collaboration, and interpersonal skills.
  • Ability to work independently and as part of a team.
  • Ability to manage multiple priorities and meet deadlines in a fast-paced environment.
  • Working knowledge of security technologies including firewalls, VPNs, DLP, IDS/IPS, and web proxies.
  • Knowledge of Palo Alto's core products, especially the Strata platform.
  • Ability to design, deploy, operate, and manage Palo Alto firewall solutions.
  • Familiarity with cloud security principles and Palo Alto's cloud offerings like Prisma Cloud.
  • Understanding of security operations concepts like SIEM and SOAR.
  • Hands-on experience with Palo Alto firewall configuration, policy creation, and troubleshooting.
  • Cisco or Palo Alto certifications (CCNA, CCIE, PCNSE, PCDRA).
  • Proficiency in scripting languages (Python, Bash) for automation and security tooling.
  • Strong understanding of system security engineering principles and processes.

Nice-to-haves

  • Experience with cloud security principles and best practices (AWS Security, Azure Security, etc.).
  • Experience with container security (Docker, Kubernetes).
  • Certifications such as CISSP, CRISC, CISM, CCSP.