Senior Security Engineer

This is a remote position.

Job Title: Senior Security Engineer.

Location: Washington DC (Remote)

Duration: FullTime.

Role Specific Duties:

Provide network IDS monitoring cyber threat intelligence security log analysis and forensics and web application security scanning and analysis.

Protect users by performing internal security assessments working to identify vulnerabilities and providing remediation guidance to system/application owners

Join forces with Site Reliability Engineers and development teams to find new and creative ways to reduce the occurrence of vulnerabilities

Assist with the development implementation and management of processes that ensure security countermeasures and monitoring are effective and sustained on all applicable systems

Perform security architecture reviews and provide recommendations for enhancing security posture

Assess security of cloud connected systems and provide recommendations for enhancing security posture

Review quality issues and work towards detecting security flaws

Requirements

Required Qualifications:

Bachelors in Information Technology Information Security or equivalent experience

7 10 years experience in Information Security operations and/or incident response

CISM certification required CISSP preferred.

Experience working in a DEVSECOPS environment

Strong knowledge of Cloud Security including design of secure cloud architectures audit and security control implementation (preferably Microsoft Azure)

Strong knowledge of web application security including the use of scanning tools such as BurpSuite Pro and Acunetix

Working knowledge of Continuous Monitoring Continuous Diagnostics and Mitigation and risk assessment using NIST 80037

Expert level experience with the Linux operating system (RedHat preferred) and mixed Windows/Linux Enterprise environments

Experience with Splunk and other SIEM products

Additional Requirements as per contract/client:

Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for 3 years and be Federal Tax compliant.

Required Qualifications: Bachelor's in Information Technology, Information Security or equivalent experience 7 10 years experience in Information Security operations and/or incident response CISM certification required, CISSP preferred. Experience working in a DEVSECOPS environment Strong knowledge of Cloud Security, including design of secure cloud architectures, audit, and security control implementation (preferably Microsoft Azure) Strong knowledge of web application security, including the use of scanning tools such as BurpSuite Pro and Acunetix Working knowledge of Continuous Monitoring, Continuous Diagnostics and Mitigation, and risk assessment using NIST 800-37 Expert level experience with the Linux operating system (RedHat preferred) and mixed Windows/Linux Enterprise environments Experience with Splunk and other SIEM products Additional Requirements as per contract/client: Candidates must be a US Citizen or a Legal Permanent Resident (Green Card status) for 3 years and be Federal Tax compliant.