Senior Network Security Engineer
Agile Defense, LLC | |
United States, D.C., Washington | |
Dec 20, 2024 | |
At Agile Defense we know that action defines the outcome and new challenges require new solutions. That's why we always look to the future and embrace change with an unmovable spirit and the courage to build for what comes next.
Our vision is to bring adaptive innovation to support our nation's most important missions through the seamless integration of advanced technologies, elite minds, and unparalleled agility-leveraging a foundation of speed, flexibility, and ingenuity to strengthen and protect our nation's vital interests.
Requisition #: 588
Job Title: Security Engineer IV
Location: 1155 21st St NW Washington, District of Columbia 20581
Clearance Level: Active DoD - Public Trust
SUMMARY
Agile Defense is currently seeking a talented Senior Network Security Engineer to support Agency-level Cybersecurity Program to streamline the current Architecture and Engineering approach with a focus on roadmap planning. The ideal candidate enjoys activities defined to be "as is" and "to be" architectures including the business, data, application, and technology layers along with a high-level implementation plan.
The ideal candidate will play a pivotal role in shaping the client's cybersecurity strategy, providing support to understand and develop system requirements and technical solutions based on the client system architectures as follows:
*
Support the maturation of the client's enterprise architecture to align with the client's information security and risks to the organizational operations, organizational assets, and individuals.
*
You will support the government in all aspects of planning, designing, implementing, optimizing, and troubleshooting the network security system to improve the organization's efficiency and resiliency.
*
You will further support the government in protecting the network from threats that could attack it, including existing dangers, mishaps, and malicious attacks.
*
You will develop alternative system designs and architectures and consider trade-offs between security requirements, functional/operational requirements, and cost.
*
You will review and describe the impact of new or changing federal policies. You will review and describe the impact of new or revised legislation and regulations (OMB, DHS, FISMA, and more).
*
In coordination with Enterprise Architecture and the Architecture Review Board, you will provide cybersecurity engineering expertise to conduct technical analysis of board program planning reviews related to future enterprise architecture updates and proposed information security mechanisms.
As a cybersecurity engineer, you will be at the forefront of technology, conducting research and presenting analyses to evaluate and/or identify and describe emerging industry technology trends, government agency best practices, and security issues.
JOB DUTIES AND RESPONSIBILITIES
*
Serves as subject matter expert, possessing in-depth knowledge of a particular area, such as information security, cloud security, systems engineering, big data, or the various sciences related to enterprise technology.
*
Provides technical knowledge and analysis of highly specialized applications and operational environments, high-level functional systems analysis, design, integration, security, implementation advice on exceptionally complex problems that need extensive knowledge of the subject matter for effective implementation.
*
Participates as needed in all phases of system and software development with emphasis on the planning, analysis, security, testing, integration, documentation, and presentation phases.
*
Applies principles, methods, and knowledge of the functional area of capability to specific task order requirements, advanced software, systems and security principles and methods to exceptionally difficult and narrowly defined technical problems in engineering and other scientific applications to arrive at automated solutions.
*
Participate as a member of the organizations Configuration Control Board and present recommendations for mitigating or remediating identified security concerns with requested changes.
*
Use security tools to identify weak ciphers and coordinate with project teams to divest weaker ciphers and replace them with current ciphers in support of Post Quantum Cryptography efforts.
QUALIFICATIONS
Required Certifications
*
Current industry certification: (AWS Solutions Architect, CCNP, AWS Certified Advanced Networking Specialty, Microsoft Certified: Azure Network Engineer Associate, in addition to cybersecurity specific certification, like CISSP, CISM, CISA, or others.)
Education, Background, and Years of Experience
*
Bachelor's Degree required (preferred Computer Science, Data Analytics, Business Information Systems, Mathematics, Statistics, or equivalent).
*
Seven (7) years or more direct, hands-on, experience and expertise in a specific domain area.
ADDITIONAL SKILLS & QUALIFICATIONS
Required Skills
*
Ability to facilitate meetings and discussions for an audience with a wide range of technical skills (from very technical-to-no technical background).
*
Strong research and presentation skills
*
Understands various identity services, networks, processing platforms, operating systems, middleware, web services and applications, data technologies, and security technologies.
*
Work cross-functionally to understand client's use of IoT, ICS, VOIP, VTC technologies, AWS, Azure, and ServiceNow cloud environments.
*
Must remain knowledgeable on existing FedRAMP IaaS, PaaS, and SaaS and converging FedRAMP Ready service offerings.
*
Must maintain an ability to perform security assessments of a wide array of environments, technologies, and products.
*
Identify the assets within system boundaries, verify ports protocols and services, verify security controls, and posture, and implement security mechanisms.
*
Direct experience using MS Visio (or other network diagraming tools) to update architecture diagrams, data flows, and other views used as part of the Authorization and Accreditation process.
*
Advanced ability to work with APIs, Excel, Power Query, PowerBI, and other tools to render data into visualizations that are comprehensive and easy to understand.
*
Understanding of firewall rule sets and various firewall GUI's, with an ability to make recommendations to reduce rules for zero count rules and other recommendations based on sound security practices.
Preferred Skills
*
Scripting (Bash, Batch, WMI, PowerShell, KQL)
*
Ability to quickly learn new tools and to solve complex problems in an ad-hoc nature.
*
Familiar with Network Protocols (SSH, Secure FTP, TLS/SSL) and network encryption algorithms.
*
Provide technical representation in cross-organizational meetings, including external vendor meetings, architecture review boards, change control boards, and project team meetings.
*
Knowledgeable of Cloud Service Providers (Azure, AWS, ServiceNow, M365, other SaaS environments), their service offering, and security best practices for each service offering.
*
Ability to assess planned technology changes and determine interdependencies and impact on interconnected components.
*
Ability to identify relevant security controls impacted by each change and prescribe security methods and mechanisms.
*
Validate architectural changes, identify external communications paths and internal communications dependencies, validate system compliance and vulnerability findings, and validate credentialed access to information systems and components. Employees of Agile Defense are our number one priority, and the importance we place on our culture here is fundamental. Our culture is alive and evolving, but it always stays true to its roots. Here, you are valued as a family member, and we believe that we can accomplish great things together. Agile Defense has been highly successful in the past few years due to our employees and the culture we create together. What makes us Agile? We call it the 6Hs, the values that define our culture and guide everything we do. Together, these values infuse vibrancy, integrity, and a tireless work ethic into advancing the most important national security and critical civilian missions. It's how we show up every day. It's who we are.
Happy
-
Be Infectious.
Happiness multiplies and creates a positive and connected environment where motivation and satisfaction have an outsized effect on everything we do.
Helpful
-
Be Supportive.
Being helpful is the foundation of teamwork, resulting in a supportive atmosphere where collaboration flourishes, and collective success is celebrated.
Honest
-
Be Trustworthy.
Honesty serves as our compass, ensuring transparent communication and ethical conduct, essential to who we are and the complex domains we support.
Humble
-
Be Grounded.
Success is not achieved alone, humility ensures a culture of mutual respect, encouraging open communication, and a willingness to learn from one another and take on any task.
Hungry
-
Be Eager.
Our hunger for excellence drives an insatiable appetite for innovation and continuous improvement, propelling us forward in the face of new and unprecedented challenges.
Hustle
-
Be Driven.
Hustle is reflected in our relentless work ethic, where we are each committed to going above and beyond to advance the mission and achieve success.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35
(c) Apply for this job |