We are currently seeking to hire a full-time, direct hire Senior Security Engineer for a fully onsite position in the Northern Virginia area. This role will be responsible for overseeing and enhancing the security of the IT infrastructure, leading security initiatives, and ensuring compliance with industry standards.
Top 3 Must haves:
- NIST Framework Expertise: Deep understanding of the NIST cybersecurity framework, with hands-on experience in implementing policies and best practices.
- Penetration Testing and Vulnerability Management: Proven experience conducting advanced penetration tests, managing vulnerabilities, and working with ISO 27001, CIS controls, and tabletop exercises.
- Fortinet Firewalls, Azure, and VMware Expertise: Strong hands-on experience with Fortinet firewalls, Azure applications, VMware environments, and managing Dell physical servers, with a focus on infrastructure lifecycle.
Additionally, a CEH certification would be a valuable asset.
GENERAL DESCRIPTION:
A Senior Security Engineer plays a crucial role in maintaining and enhancing the security of the IT infrastructure. This role involves acting as the security lead for a global ship registry with 20 offices worldwide.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
• Security Protocols: Establish and maintain security protocols to protect sensitive data and systems.
• System Monitoring: Continuously monitor systems for security breaches and respond promptly to incidents.
• Vulnerability Assessment: Conduct regular vulnerability assessments and penetration testing to identify and mitigate risks.
• Security Solutions: Develop and implement security solutions, including firewalls, encryption, and intrusion detection systems.
• Compliance: Ensure compliance with industry standards and regulations.
• Team Leadership: Lead and mentor junior security engineers and other IT staff.
• Incident Response: Develop and manage incident response plans and procedures.
• Security Training: Provide security training and awareness programs for employees.
• Ability to manage and lead a staff of 4 IT professionals with regards to high priority security management implementation.
• Stay abreast of new and emerging security practices and policies.
QUALIFICATION:
• Education: bachelor’s or master’s degree in computer science, Information Security, or a related field. • Experience: Minimum of 5 years of experience in IT security.
• Certifications: Relevant certifications such as CISSP, CEH, CISM, or similar.
• Technical Skills: Proficiency in network architecture, security protocols, encryption, and security audit tools.
• Soft Skills: Excellent problem-solving, analytical, and communication skill.
Knowledge, Skills, and Abilities:
• Network Security: Proficiency in network architecture, firewalls, VPNs, and intrusion detection/prevention systems.
• Operating Systems: Deep understanding of various operating systems.
• Cloud Security: Expertise in securing cloud environments (Azure) and understanding cloud service models (IaaS, PaaS, SaaS).
• Encryption: Knowledge of encryption technologies and secure communication protocols.
• SIEM Tools: Experience with Security Information and Event Management (SIEM) tools for monitoring and analyzing security events.
• Incident Response: Ability to manage and respond to security incidents, including forensic analysis and root cause analysis.