Sr. Cyber Security Engineer – Arlington, VA

Direct Hire | Financial Services | Arlington, VA

ROLE SUMMARY

The Senior Cyber Security Engineer serves the company as an advisor on best practices and is responsible for designing and effectively implementing enterprise security strategies, architectures and solutions that guide and support IT security direction. The candidate is accountable for the security architecture across a variety of applications or domains, including cloud computing, and is assigned to projects/initiatives of large size, complexity and risk.

The Senior Cyber Security Engineer develops actionable security blueprints, principles, models, designs, standards and guidelines to ensure enterprise information technology architecture and support is consistent, usable, secure and adds value to the business. Interacts with vendors, IT and business area contacts to facilitate flexible, scalable and cost-effective security solutions, and provides technical guidance to less experienced Engineers, Analysts, and others.

PRINCIPAL DUTIES and RESPONSIBILITIES

Program Design, Implementation and Support

  • Establish and maintain a formal security posture that provides a logical structure for classifying and organizing security design elements to ensure a complete and usable security architecture that improves efficiency and risk mitigation of new or current systems or initiatives, to include cloud computing platforms.
  • Manage the life cycle of all security technologies, to include maintenance, upgrades, enhancements, and optimization, and assess risk as part of the life-cycle analysis.
  • Consult with senior engineers, data architects, and developers to ensure effective security is achieved across the SDLC.
  • Architects, prioritizes, coordinates and communicates the choice of security technologies necessary to ensure a highly secure yet usable and flexible computing environment.
  • Develop and implement data security architecture framework (roadmaps, product life-cycle, reference architecture, technologies, etc.).
  • Create and maintain enterprise security standards applicable to all technologies in the IT portfolio. Keep current with security technologies and make recommendations for use based on value.
  • Engage in the intake process for origination of projects to ensure alignment with strategic roadmap. Collaborate with other members of the technical architecture community to ensure successful implementation of security strategies that align with and support the enterprise.
  • Act as a key strategic advisor to the IT Leadership Team, and other key stakeholders regarding security initiatives, risk mitigation, and compliance.
  • Act as the lead for Incident Response, as well as level 3 and level 4 support for security incidents across the global enterprise.
  • Use strong critical thinking and analytical skills and demonstrated ability to identify risks associated with IT business processes, security operations, and technology projects.

Technology Responsibilities and Oversight

  • Helps to formulate and articulate the multi-year security strategy and roadmaps and works with various leaders across Technology.
  • Develop and own security technologies for cloud computing platforms, specifically AWS and other SaaS, IaaS, and PaaS platforms to include public, private, and hybrid cloud architectures.
  • Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
  • Evaluate and report to approved projects and initiatives by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designing public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; while adhering to industry standards.
  • Verify and monitor cybersecurity and information security controls to ensure processes are mature and capable of supporting security objectives.
  • Report to IT Management on security gaps, issues, failures or concerns of established application or infrastructure frameworks and architecture to remediate and provide early solutions to problems.
  • Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training and awareness programs.
  • Prepare system security reports by collecting, analyzing, and summarizing data and trends, to include recommendations.

Administrative Responsibilities

  • Assist in developing budgets and forecasts to support business needs, goals and objectives.
  • Ensures adherence to protocols for 24x7x365 response and notifications for alarms, emergencies, or critical incidents.
  • Participates in major cross-functional projects affecting business, products, or services.
  • Develop cross-functional team members to increase bench strength and flexibility of the functions.
  • Facilitate effective, comprehensive, and consistent communications, for various audiences, including steering committees and other executive levels.
  • Update job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.

REQUIRED QUALIFICATIONS and EXPERIENCE

  • 10+ years in a Security Architect and/or Security Engineer role or combination of both; working as part of a CIRT, CERT, or SOC. 2+ years’ experience with SIEM solutions.
  • Experience with various network and host-based analysis tools such as EnCase, Wireshark, etc. Expert-level knowledge of firewall technologies (Cisco ASA, Palo Alto) is required.
  • Deep understanding of IDS/IPS such as Sourcefire.
  • Deep understanding of Proxies and Content Filtering technologies such as Cisco Ironport.
  • Working knowledge of security products such as Cisco ISE, Ironport and Websense.
  • Demonstrated experience in vulnerability scanning and related products such as Nessus.
  • Ability to review and interpret both logs and packet captures.
  • Knowledge of event correlation systems to diagnose and manage security events within the firm.
  • Experience designing security solutions for SaaS (client facing) and IaaS (AWS, Azure, etc.) platforms.
  • Experience with the design and integration of secure networks including all aspects of multi-site network designs and support (LAN, MAN, WAN); Router ACL; NAC; VPN; deploying and maintaining remote access technologies/solutions.
  • Deep understanding of TCP/IP and Routing & Switching.
  • Experience with various end-point security solutions, platforms, and automation.
  • 4+ years in a global organization with global experience.
  • Excellent communication skills, written and verbal.
  • Critical thinker, experienced in unconventional problem solving.
  • Experience with SSO, ADFS, LDAP desired.
  • Experience working with B2E, B2B, and B2C applications teams.
  • Experience working with SDN, SDDC, and other cloud and virtualization technologies.
  • Previous hands-on experience with complex IT Systems solutions and business applications.
  • Ability to develop and maintain highly effective relationships, internally and externally.
  • Positive “can do” attitude with focus on the success of the team over individual accomplishments.
  • Strong interpersonal communication and presentation skills.
  • Demonstrates ability to work both as an individual contributor and in a team environment.
  • Demonstrate experience handling multiple work-streams simultaneously.
  • Exceptional planning and organizational skills.
  • Ability to be on call or assure critical incident response 24x7x365.