Metronome LLC has an immediate need for a Senior Security Engineer for a new customer on a highly visible and strategic Cybersecurity Task Order. The Senior Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to coordinate multiple, concurrent tasks in an effective manner. This individual will work with internal team members to ensure that systems are functional, secure, and scalable. The Security Engineer will support the design and development of cybersecurity tools and technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide systems and networks. Primary Responsibilities:
- Manage multiple assignments, changing priorities, and work independently with little oversight
- Tackles large security projects, both of a technical and compliance nature. The senior engineer is expected to tackle difficult technical issues and changes with minimal oversight
- Support all support, guidance and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the same
- Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levels
- Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required
- Documentation, Visio Diagrams and reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task order
- Resolve Linux system errors and crashes, disk space problems, huge file system and full disk errors
- Experience in backend solution, day to day system admin and monitoring, file system management and disk management and creation of shell scripts for the automation of tasks and the extraction of logs
- Hardware and software installations, upgrades, maintenance, security analysis and network performance and tuning of Windows and Linux servers in a virtual infrastructure
- Define system security & design requirements to meet FISMA and FedRAMP compliance standards
- Maintain a current working knowledge of IT development methodology, architecture design, security best practices, and technical standards
- Communicate with other technical leads, IT groups, and customer reps so they understand all aspects of proposed changes/solutions
- Provide follow-up reports (technical findings, feedback, resolution steps taken) for Root Cause analysis, engineering technical assessment and process improvement initiatives
- Communicate security vulnerability reports and trends to ensure appropriate corrective action is taken
- Develop, implement, communicate, and enforce security policies and/or processes for data, software applications, and cloud infrastructure
- Superior attention to detail with excellent written and verbal communication, problem solving, researching and follow-up skills
- Communicates with other technical leads, IT groups, and clients so they understand the project's technical implications, dependencies, and potential conflicts. Evaluates the impacts of change requests on own/shared technologies and effectively persuades and influences others on ideas
- Understanding network security (firewalls and IDS) design and implementation
- BS degree in Science, Technology, Engineering or related field and 8-10 years of prior relevant experience with a focus on cybersecurity OR Masters with 10 years of prior relevant experience.
- Experience installing, configuring, securing, and troubleshooting Microsoft Windows Server and Red Hat Enterprise Linux or similar Linux distributions
- Extensive automation experience with PowerShell and Shell Scripting for automating repeatable tasks and installations
- Extensive knowledge of server operations and maintenance
- Experience managing Active Directory (AD) and Azure Active Directory
- Experience managing Active Directory Federation Services (AD FS) and single sign-on using SAML and PIV/CAC
- Experience with Active Directory Group Policy management
- Knowledge and experience supporting public key infrastructure (PKI)
- Knowledge and experience implementing and supporting Active Directory Certificate Services (AD CS) and Azure Dedicated HSM
- Knowledge and experience managing keys, certificates, certificate requests, and format conversions with OpenSSL
- Understanding of cloud terminology, architecture, and tools to include installing, provisioning and monitoring
- Experience installing, configuring, and maintaining tools such as Tanium, Nessus, Axonius, CrowdStrike, and CyberArk in a hybrid-cloud environment
- Extensive knowledge of Ansible and Red Hat Satellite
- Perform analysis of security posture by reviewing vulnerability and compliance scans and making recommendations for remediations and managing POA&Ms
- Excellent problem solving, research, and follow-up skills
- Ability to obtain an Entry of Duty (EOD) Public Trust
- Candidate must, at a minimum, meet one of these certifications: CISSP, CCSP, CCNP, CCIE Security, CEH, RHCSA, RHCA, RHCE, MCSE, COMPTIA Security+, GCIH, GPEN, OSCP, OSCE, Azure Solutions Architect Expert
- Experience managing Palo Alto Networks VM-Series firewalls, AWS Network Firewall, AWS Network ACLs, AWS security groups, Azure Firewall, Azure network security groups, and related network resources
- Experience managing Azure Virtual Desktop service
- Solid understanding of developing and leveraging CI/CD pipelines (Continuous Integration/Continuous Deployment)
|