Senior Systems Security Engineer

$130,000 - $163,000/Yr

Skyepoint Decisions - Beltsville, MD

posted about 1 month ago

Full-time - Senior
Beltsville, MD
Professional, Scientific, and Technical Services

About the position

The Senior Systems Security Engineer at SkyePoint Decisions will provide technical leadership and management oversight for cybersecurity initiatives, particularly focusing on Microsoft products and security systems. This role involves protecting sensitive data and complex systems from various cyber threats while collaborating with a team to enhance the cybersecurity infrastructure. The position is hybrid, requiring onsite presence 2-3 days a week, and is contingent upon customer approval.

Responsibilities

  • Develop, identify and resolve security vulnerabilities related to deployment and testing processes.
  • Streamline and optimize processes and procedures to rapidly remediate vulnerabilities from cybersecurity threats.
  • Identify and remediate cybersecurity vulnerabilities.
  • Provide detailed assessments of potential risks to Microsoft-based systems, including both operating systems and applications, in accordance with NIST SP 800-30 Revision 1.
  • Collaborate with Department and external cyber stakeholders on cybersecurity technology implementations to meet specific operational needs.
  • Perform technical evaluations of recommended vulnerability mitigation actions and make recommendations based on impact and/or other countermeasures.
  • Develop strategies for CIC cyber defense technologies, ensuring integration and alignment for continued operation.
  • Perform operation and maintenance activities in support of existing CIC cyber tools and technologies (MSV, Qualys, Tenable Nessus and others).
  • Identify, diagnose and prioritize anomalies in cyber defense infrastructure and resources.
  • Document, request and maintain ports, protocols and services for CIC infrastructure.
  • Perform cybersecurity testing of developed applications and/or systems.
  • Identify and direct the remediation of technical problems encountered during testing and implementation of new systems.
  • Develop reports and dashboards and make tuning requests to SIEM system owner(s) in support of enhancing CIC cyber monitoring.
  • Perform security reviews and identify security gaps in architecture.
  • Make recommendations based on trend analysis to enhance CIC monitoring and hygiene activities.
  • Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
  • Apply sound technical and management principles to identify and remediate cybersecurity vulnerabilities across the State Department global IT enterprise infrastructure.
  • Apply organizational and process change principles.
  • Provide technical leadership and guidance to security and operational personnel.
  • Evaluate system performance results, lead teams in response to incidents/problems, perform risk assessments, and evaluate performance metrics.

Requirements

  • Bachelor's and ten (10) years or more experience; Master's and eight (8) years or more experience; PhD or JD and seven (7) years or more experience.
  • 10+ years Microsoft Operating Systems (OS) engineering and support experience focusing on Active Directory (AD), System Center Configuration Manager (SCCM), System Center Operations Manager (SCOM).
  • In-depth experience in planning, implementing, and managing large/global enterprise infrastructures.
  • Familiarity with various analytical tools (Splunk, USBDeview, NetWitness, Mimikatz).
  • Understanding of Security Information and Event Management (SIEM) tools (Splunk, McAfee).
  • Familiarity with OMB, NIST, DHS, and related security guidelines and directives.
  • Interpersonal skills including the ability to collaborate effectively, and excellent written and oral communications.
  • Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • Server/endpoint OS (Microsoft, Linux, IOS) along with mobile and cloud technologies.
  • Cloud application security, Vulnerability Management, and Security Information and Event Management capabilities.
  • Knowledge of identity and access management solutions (MFA, PKI, SAML, etc.).
  • Countermeasures / mitigations to identified cybersecurity risks.
  • Information protection technologies (e.g., firewalls, antivirus, threat protection, servers, routers, and others as appropriate).
  • Network systems management principles, models, methods (e.g., end-to-end systems performance monitoring), and tools.
  • Cyber defense technologies, including but not limited to: Vulnerability Scanning & Management, Endpoint detection and response, threat protection, and network defenses.
  • Must be a U.S. citizen with an active Secret clearance.

Nice-to-haves

  • Microsoft Certifications (MCSE, MCSA, MCSD); CISSP or CISM; or IAT/IAM/IASAE level III equivalent.
  • ISACA Certified Information Systems Auditor (CISA).
  • GIAC Security Expert (GSE).
  • SCP Security Certified Network Architect (SCNA).
  • ISACA Certified Information Security Manager (CISM).
  • Certified Network Defense Architect (CNDA) or Certified Ethical Hacker (CEH).
  • Cisco Certified Network Professional (CCNP).

Benefits

  • Several insurance options including HMO and High Deductible plans with Health Savings Accounts [HSAs].
  • Flex Spending Accounts [FSAs].
  • Full Dental Plans.
  • Short-Term/Long-Term Disability.
  • Life Insurance.
  • Floating federal holiday options.
  • 401k matched.
  • Certificate Incentive Program to promote professional development.
  • Flexible Work Environment.