We are hiring for a Security Engineer to join forces with a team supporting one of our Federal customers. The desired cyber security engineer to assist with the deployment, configuration, and administration of security software in a hybrid on prem and Azure GovCloud environment. Domains include application security as a service, micro-segmentation, continuous exposure management, data loss prevention, enterprise logging, and endpoint detection and response (EDR).
This opportunity is mainly remote work, with exception of some meetings to be had in the Washington DC area with other members of the agency and team.
Work You'll Do:
- Configure applications to align with OMB (Office of Management and Budget) Memorandum M-21-31 requirements
- Provide recommendations and instructions to application teams to improve security posture and compliance with M21-31
- Deploy and configure security software
- Integration security products with existing software and infrastructure
- Produce design diagrams, interface documents, and standard operating procedures (SOPs) for security tools
- Collaborate with SOC, IT, cloud, platform, and application teams to identify and address issues
- Provide regular reports to senior management and data owners on the status of security software deployment and M-21-31 compliance
- Experience following the systems engineering lifecycle
- Familiarity change control processes and following them for deploying/updating systems
What You Have:
- Experience with log management and analysis. Splunk Cloud experience preferred
- Experience configuring endpoint detection and response (EDR) software. CrowdStrike or Microsoft Defender preferred
- Experience with one or more of the following:
- ○ Micro-segmentation
- ○ Data loss prevention (DLP)
- ○ Splunk Cloud
- ○ Microsoft Defender
- ○ CrowdStrike
- ○ Skybox
- ○ Fortify On Demand
- Familiarity with OMB Memorandum M-21-31
- Ability to track and make progress on multiple tasks in parallel
- Ability to collaborate with multiple teams and provide clear, concise directions during technical troubleshooting
Certifications Desired (Not Required)
- GIAC Security Essentials Certification (GSEC)
- Certified Information Security Manager (CISM)
- Systems Security Certified Practitioner (SSCP)
What We Offer:
- 401(k), including an employer match of 100% of the first 3% contributed and 50% of the next 2% contributed
- Medical, Dental, and Vision Insurance (available on the 1st day of the month following your first day of employment)
- Group Term Life, Short-Term Disability, Long-Term Disability
- Voluntary Life, Hospital Indemnity, Accident, and/or Critical Illness
- Participation in the Discretionary Time Off (DTO) Program
- 11 Paid Holidays Annually
UltraViolet Cyber maintains broad salary ranges for its roles in order to account for variations in knowledge, skills, experience, market conditions and locations, as well as reflect our company's differing products, services, industries and lines of business. Candidates are typically placed into the range based on the preceding factors.
