8556 - Security Engineer / DevSecOps Engineer
Location: Bethesda, MD
The Security Engineer is responsible for liaising directly with other InfoSec engineers, infrastructure and platform developers to design, install and test standardized solutions that meet stated security control objectives. Work closely with information technology teams and business stakeholders to understand goals, determine technical requirements, design, and implement application and data security solutions to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.
• Evaluate, design, test and implement changes to AWS IAM polices, KMS policies, bucket policies, roles, access requirements based on the needs of the business
• Hands-on design, develop, integrate, and update technical solutions that provide confidentiality, integrity, availability, authentication, and non-repudiation.
• Coordinate with systems architects and developers to provide guidance in the development and integration of secure design solutions.
• Validate IT solutions collaboratively with infrastructure and application development project teams ensuring that corporate security policy, standards and industry best practices are met.
• Drive the selection, POC, implementation and operational deployment of new technology solutions to ensure the confidentiality, integrity and availability of business data
• Deploy and configure technology, partnering with IT Infrastructure teams and vendor product professional service partners.
• Act as system SME for technologies and, working with the IT infrastructure team, ensure they remain properly maintained.
• Stay current with developing technologies, emerging threat landscape and predict impact of changing technologies.
• Must have at least 4 years experience including related engineering experience, SDLC/Agile development / DevOps.
• BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field. Master’s Degree is a plus.
• Knowledge of cloud deployments and associated security risks is required, an understanding of IaaS and SaaS based risks and mitigating security control solutions is essential.
• Demonstrated scripting, programming experience and ability to review code for specific characteristics and functionality.
• Demonstrated experience with Infrastructure as Code concepts, processes, services and capabilities in an AWS environment
• Demonstrated experience with building IaaS cloud based solutions including AWS, Azure, etc. including set up of their network security and identity and access management capabilities.
• Hands on experience in one or more of the following security technologies is a plus: Firewalls, DLP, enterprise antivirus, multifactor authentication, Active Directory, ADFS, PKI with certificate lifecycle management, encryption for data at rest and in transit is required.
• Candidate must have demonstrated experience with Windows, Linux, Red Hat, etc. hosts, operating systems
• Familiarity with network security techniques including virtual networking, IP routing, micro-segmentation using subnets and vlans, firewall-based network ACLs.
• Excellent interpersonal skills, presentation skills, and verbal / written communication skills
• Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives
• Ability to influence peers and management; ability to team cross-functionally and form relationships to achieve objectives
• Familiarity with information security policies, standards, industry best practices, and frameworks is desirable (ISO 27K, NIST 800-53, FISMA, etc.)
• Familiarity with security aspects of databases and middleware including MS SQL, Oracle, Tibco EMS is a plus.
• Demonstrated experience in one or more of the following is a plus: Public Key Infrastructure (PKI), Identity & Access Management, Encryption, monitoring and penetration testing technologies/concepts
• Demonstrated experience in defining (and/or evaluating) solutions for large, mission critical systems comprised of multi-tier web applications, enterprise messaging and web service based applications and batch processing is a plus.
• Knowledge of cloud solution orchestration tools including Chef, Puppet and scripting tools like Python, Perl is a plus.
• Demonstrated experience of working directly with vendors to ensure requirements can be met and familiarity with RFP/RFI processes is a plus.
• CISSP, CISM, Cloud based (Amazon, Google, Microsoft, etc.) Certifications are a plus