Softworld, Inc.
http://www.softworldinc.com
Cybersecurity Engineer
Posted: 09/25/2024
2024-11-01
Employment Type: Perm
Industry: IT
Job Number: BBBH78865_1727295249
Pay Rate: Negotiable
Job Description
Job Title: Cybersecurity Engineer
Job Location: Herndon VA 20171 (Hybrid)
Onsite Requirements:
- Palo Alto Products
- SIEM, SOAR
- Python and Bash scripting
Job Description:
- The client is seeking a highly motivated and experienced Senior Security Engineer to join our growing team. You will play a critical role in designing, implementing, and maintaining a robust security posture to protect our IT infrastructure and data from cyber threats.
- As a Senior Security Engineer, you will be responsible for a wide range of security activities, including security architecture, threat detection and response, and security operations management.
- You will work collaboratively with other teams to ensure our security posture aligns with business objectives.
Responsibilities:
Security Architecture & Design:
- Design and implement secure system architectures, controls, and procedures aligned with industry best practices (NIST CSF, MITRE ATT&CK) and compliance frameworks.
- Champion the integration of security considerations throughout the software development lifecycle (DevSecOps).
- Stay informed on emerging security threats and trends to proactively improve our security posture.
Threat Detection & Response:
- Oversee the implementation and tuning of security monitoring tools (SIEM, XDR) for effective threat detection and incident response.
- Lead incident response activities, including investigation, containment, eradication, and recovery.
- Develop and maintain security playbooks to ensure efficient incident handling.
Security Operations Management:
- Manage and maintain security processes, ensuring continuous operational readiness and system protection.
- Provide technical and analytical leadership for evaluating and recommending new security tools and technologies (cloud security, container security).
- Collaborate across the organization to integrate security initiatives with business objectives.
Other:
- Mentor junior security team members on best practices and security tools.
- Develop, implement, and maintain the organization's GRC framework to ensure compliance with industry standards and regulations.
- Conduct risk assessments and analyze the potential impact on the organization's operations, making recommendations to mitigate identified risks.
- Monitor and evaluate compliance with security policies, procedures, and regulatory requirements.
- Collaborate with cross-functional teams to integrate GRC practices into business processes and ensure effective risk management.
- Prepare and present detailed reports on compliance status, risk assessments, and mitigation strategies to senior management.
- Facilitate internal and external audits, ensuring all necessary documentation and evidence of compliance are readily available.
- Stay updated on evolving regulatory requirements, industry standards, and best practices in GRC.
- Provide training and guidance to staff on GRC policies and procedures to promote a culture of compliance within the organization.
- Manage incident response processes and ensure timely reporting and resolution of security incidents in accordance with regulatory requirements.
- Performs work under minimal supervision. Handles complex issues and problems and refers only the most complex issues to higher-level staff. Possesses comprehensive knowledge of subject matter. May act as a lead.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (required).
- Minimum 5-8 years of experience in information security, with a focus on security architecture, threat detection & response, and security operations management (required).
- Experience with incident detection, response, and forensics (required).
- Experience with design, delivery, and management of security information systems (required).
- Strong analytical, problem-solving, and decision-making skills.
- Excellent communication, collaboration, and interpersonal skills.
- Ability to work independently and as part of a team.
- Ability to manage multiple priorities and meet deadlines in a fast-paced environment.
Technical Skills (Essential):
- Working knowledge of security technologies including firewalls, VPNs, DLP, IDS/IPS, and web proxies.
- Knowledge of Palo Alto's core products, especially the Strata platform which includes physical firewalls and the Panorama management system.
- Ability to design, deploy, operate, and manage Palo Alto firewall solutions.
- Familiarity with cloud security principles and Palo Alto's cloud offerings like Prisma Cloud.
- Understanding of security operations concepts like SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation and Response), which are relevant for XDR.
- Hands-on experience with Palo Alto firewall configuration, policy creation, and troubleshooting.
- Cisco or Palo Alto certifications (CCNA, CCIE, PCNSE, PCDRA).
- Experience with threat detection, incident response, and forensics methodologies.
- Proficiency in scripting languages (Python, Bash) for automation and security tooling.
- Strong understanding of system security engineering (SSE) principles and processes.
Desired Qualifications:
- Experience with cloud security principles and best practices (AWS Security, Azure Security etc.).
- Experience with container security (Docker, Kubernetes).
- Certifications such as CISSP, CRISC, CISM, CCSP.
** 3rd party and subcontract staffing agencies are not eligible for partnership on this position. 3rd party subcontractors need not apply.
This position requires candidates to be eligible to work in the United States, directly for an employer, without sponsorship now or anytime in the future.
This client is a US Federal Government contractor and is legally required to hire US Citizens. US Citizens will only be considered for this role. **