Full Time position in Herndon VA
The Security Engineer is a member of IT - Infrastructure Operations, and performs technical activities for delivering effective host, network, data, and application security services. This position has a primary responsibility for security platforms in the production environment, as well as development, quality-assurance and staging environments. This position is a lead in the continuous assessment, design, and enhancement of the organization's Active Directory environment, that includes performing vulnerability assessments, security testing, and working with operations and development teams on remediation and mitigation of findings. This position also has a primary role on the Computer Security Incident Response Team (CSIRT) and with Disaster Recovery/Continuity of Operations Planning (DR/COOP). Lastly, the Security Engineer provides support to planning, designing and implementing security controls which safeguard and monitor events for information systems, enterprise applications and
How You Contribute:
Analyze, troubleshoot, and investigate security-related, information systems' anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts, especially as they relate to Active Directory (AD) security policies and enforcing AD privilege user management.
Diagnose and troubleshoot complex security and infrastructure issues related to Active Directory services.
Evaluate and secure major AD components (such as Domain Controllers) using vulnerability scanners and manual techniques to verify system security settings and configurations.
Provide reports on the overall security posture of the AD environment which includes monitoring the AD environment (as well as Azure integrations).
Develop and manage processes using C#/PowerShell and Azure Functions to perform system maintenance, system data aggregation, etc.
Provide CSIRT support as needed in response to information security related events.
Participate in DR/COOP exercises and continuous improvement processes.
Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
Assist the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
Establish and maintain a strong working relationship with all team members.
Provide off-hours support on an infrequent, but as needed basis.
Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team and information sharing environment.
Interact with customers, service managers, and operational support teams to design, test, and deploy security and/or automation solutions to meet business needs.
Participate in planning for infrastructure strategy, capacity, and performance.
Develop, deploy, support and maintain global application across production environments.
What You Bring to the Table:
Bachelor's degree in Computer Science, Information Technology or related field or a combination of education and experience. A combination of education and experience, including military service will also be considered.
4-7 years of IT experience; at least 3 of those years focused on IT security and 4 of those years focused on Active Directory.
Must possess an active industry recognized information security certification, such as a CISSP, CISM, CEH, or equivalent.
Extensive grasp of the threats and risks posed to on-premises and cloud Active Directory environments, such as "Pass the Hash", "Pass the Ticket", lateral movement, credential theft, and abuse of privileged access.
Hands-on experience with:
Implementing, maintaining, and securing Azure/Active Directory services, ADFS, and the underlying components that support these technologies, such as DNS, Kerberos, LDAP, SAML/OAuth, PowerShell, WMI, and similar network and management protocols.
Implementing AD security groups, portioning administrative privileges, Privileged Access Workstations, and Microsoft's Active Directory Administrative Tier model.
Creating PowerShell tasks that can at a minimum enumerate and identify groups within Active Directory based on roles such as nested groups, privileged access, etc.
Analysis, design and re-engineering of group policies (GPO), security groups, user and computer objects, logon authentication, scripts, replication, forest and domains, and user/account provisioning, Windows Active Directory or other directory services, Windows server, and workstation troubleshooting.
Managing AD groups, permissions, and access to Azure resources.
Implementing Multi-factor access solutions by vendors such as RSA, Microsoft, or equivalent.
Fundamental or greater understanding of encryption technologies that integrates with AD.
Comfortable working on both Linux-based and Microsoft Windows-based system platforms with a strong IT technical understanding and aptitude for analytical problem-solving.
Strong understanding of:
Enterprise, network, system and application level security issues.
Enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks.
Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings.
Proficient technical writing, documentation, and communication skills.
Live within a commutable distance of Herndon, VA.
Linux security configuration experience (RHEL, Centos, AIX, HPUX, Others).
Knowledge of implementing Privileged Access Management solutions such as Microsoft's Just in Time administration.
Princeton Information is one of the nation's top five privately-held IT consulting firms, in business since 1985. Princeton Information services a clientele of primarily Fortune 500 companies nationwide. With annual revenues over $120 million, Princeton Information operates across the US from multiple regional offices.
Our Commitment to Our Consultants
As a privately held company, Princeton Information is solely committed to the success of clients and consultants - not to any shareholders. PI's success is grounded in the relationships we build with our consultants. We seek the best people; provide career path counseling; as well as the most challenging opportunities in business and in IT. As part of its culture of loyalty and commitment to its consultants, Princeton Information is committed to doing all we can to ensure our consultants have the best possible search, placement and work experience possible.
Working with one Princeton Recruiter will gain you access to over 500 open requirements with the top clients in the US across all industries (finance, insurance, pharmaceutical, commercial, telecom, media, manufacturing) nationwide. Our local recruiters have in-depth knowledge of our clients and opportunities. They will work with you to find you the best possible opportunities for you and your career.
Our relationships with our clients, as well as our consultants, are critical to our success! We have a robust sales organization that ensures that Princeton has the inside track on what attributes a person needs in order to be successfully placed and engaged at our clients. We know the technical and non-technical skills that our clients are looking for and we ensure that you are educated about the client prior to your interview with them. Princeton is committed to going above and beyond to ensure that each meeting you have with a client is a successful one!
Princeton Information Ltd