Principal Cybersecurity Engineer

At Two Six Technologies we build deploy and implement innovative products that solve the worlds most complex challenges today. Through unrivaled collaboration and unwavering trust we push the boundaries of whats possible to empower our team and support our customers in building a safer global future.

Two Six Technologies is growing and we are seeking a Principal Cybersecurity Engineer to join our Corporate Team. As the Principal Cybersecurity Engineer you will analyze plan implement maintain troubleshoot and enhance large complex systems and networks. Ideally you would possess a wide range of security experience as well as expert knowledge of NIST 800 seriesand CMMC 2.0 compliance in a Federal Government Contracting Environment.

This is a hybrid position working from our Arlington VA office.

WHAT YOU WILL DO:

• Work directly with team leads developers and operations personnel both on policy and technical implementation of technologies.
• Architect designs implements maintains and operates information system security controls and countermeasures; supervises and trains operators in the administration of these systems; documents the operation use and expected outputs of these systems.
• Analyze and recommend security controls and procedures in business processes related to use of information systems and assets and provide oversight to ensure compliance.
• Monitor information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents vulnerabilities and trends to IT or executive management.
• Oversee the response to information system security incidents including investigation of countermeasures to and recovery from computerbased attacks unauthorized access and policy breaches; engages interacts and coordinates with thirdparty incident responders including law enforcement.
• Oversee the administration of authentication and access controls including security/access roles and access permissions to information assets.
• Analyze trends news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes mitigation of risk; oversees risk and compliance selfassessments and engages and coordinates thirdparty risk and compliance assessments.
• Analyze and oversee the development of information security governance including organizational policies procedures standards baselines and guidelines with respect to information security and use and operation of information security management frameworks such as NIST 800171 and CMMC 2.0.
• Oversee the development and administration of information security training and awareness programs.

WHAT YOU WILL NEED:

• Bachelors Degree in Computer Science Information Technology (IT) or a related discipline or equivalent combination of education and work experience
• 8 years of solid diverse experience in Cyber Security Engineering and Incident Response
• 2 years in people management/leadership experience
• Ability to lead motivate and direct team members; and strong performance management skills to include coaching and goal setting
• Ability to demonstrate analytical skills technical knowledge and practical application of cyber and information security principles from technical teams to senior executives
• Knowledge of enterprise security solutions (Endpoint Detection and Response Security information and Event Management IT services management and Cloud etc..
• Knowledge of intrusion detection methodologies and techniques for detecting host and networkbased intrusions via intrusion detection technologies
• Knowledge of network security architecture concepts including topology protocols components and principles (e.g. application of defenseindepth)
• Knowledge of an organizations information classification program and procedures for information compromise
• Proven experience in an information assurance IT Risk and Compliance information security IT & Security audit collaborating with external auditors 3PAOs) or other similar IT role involving IT security and compliance
• High level of proficiency in supporting a variety of NIST 800171 & CMMC functions including: client environment asis assessments Plan of Action & Milestones (POAM) identification & documentation noncompliance remediation and recommendations policy and procedure creation and separation of duties

WHAT WE WOULD LIKE:

• CISSP Certification
• Direct experience in network security (SOC SIRT CSIRT) investigating targeted intrusions through complex network segments
• Experience working as a part of a Third Party Assessment Organization 3PAO)
• Linux and scripting languages experience
• Demonstrated skill of identifying capturing containing and reporting malware
• Experience with Cloud Computing Technologies (AWS GCP Azure)
• AWS Certification
• Experience administering additional security tools such as VPN Sumo Logic Qualys and Automox

Security Clearance Needed:

• An active Top Secret clearance