Security Engineer-C219d

Syapps Bethesda , MD 20813

Posted 6 months ago

SyApps is a Technology and Management Consulting Services firm based in Greater Washington area, with focus on solutions in the area of Strategy, Process, Technology and Management support. As a diverse end-to end IT and Management solution Provider, SyApps offers a range of expertise aimed at helping customers re-engineer and re-invent their business to compete successfully in an ever-changing marketplace.

Please visit us at www.syapps.com.

Description

  • Work closely with security architects to understand goals, determine security requirements, to design, and implement application and data security solutions to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.

  • Coordinate with infrastructure and application development project teams to deliver solutions collaboratively, ensuring that corporate security policy, standards and industry best practices are met.

  • Drive the selection, POC, implementation and operational deployment of new security technology solutions to ensure the confidentiality, integrity and availability of business data.

  • Develop disaster recovery and continuity of operations plans for new security systems under integration, and ensure testing prior to systems entering a production environment.

  • Deploy and configure technology, partnering with IT Infrastructure teams and vendor product professional service partners.

  • Stay current with developing technologies, emerging threat landscape and predict impact of changing technologies.

  • Coordinate with IT Operations team for the production readiness of security infrastructure solutions supporting mission critical production environments and applications.

Specialized Knowledge & Skills

  • Exposure in defining security solutions for multi-tier cloud based application on AWS (S3,EC2, ELB, Subnet/AZ, IAM, KMS, CloudWatch) preferred.

  • Experience with one or more the security tools listed below:

  • Authentication and roles based access control (AD, ADFS, SAML)

  • Public Key Infrastructure (PKI)

  • Privileged Account Management (PAM)

  • Password Vaulting

  • Multifactor authentication

  • Firewalls

  • Platform Security (RHEL, Windows, Database)

Type: Contract

Travel: No

Location: Bethesda, MD

SyApps LLC is a Winner of the SmartCEO/Grant Thornton Future 50 Award for being recognized as one of 50 fastest growing companies in the Greater Washington Area.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
MidLevel Security Engineer

Unissant

Posted 6 days ago

VIEW JOBS 10/16/2019 12:00:00 AM 2020-01-14T00:00 Unissant, Inc. is an innovative solutions development and consulting company committed to delivering simplicity through innovation. We meet this commitment by delivering state-of-the-art enterprise computing and processing solutions to both government and commercial clients. Our workforce continually strives to advance y(our) collective intellect through collaborative fortitude, and we are looking for further talent to join that effort! To learn more about our exciting organization, please visit us at www.unissant.com We are seeking a Mid-Level Security Engineer to join our team and support our client in Bethesda, MD. The position will be responsible on securing our customer's infrastructure and environment, improving security processes, and building the future of security for our client. The position is responsible for leading technical aspects of the security operations and oversight of key security defenses. The position is also responsible for leading the technical security assessments and assurances of the customer's environment as well as security monitoring, and acts as the technical lead in the components required to analyze and contain a security incident. When responding to this opportunity, please speak to the relevancy of your work experience in your cover letter. Essential Duties and Responsibilities: * Implements and configures IDS and related enterprise security systems to help the organization better identify intrusions, attacks, vulnerabilities and recommends appropriate course of action. * Maintains a good knowledge of the daily security landscape and serves as a security advisor to Program Manager and the Government Client. * Responsible for independent and team-based security audits of all security policies, procedures, and protocols with an emphasis on consistent improvement of controls. * Maintains, establishes, and improves vulnerability management, risk assessment, and incident management processes. * Interacts with IT, Hosting Operations, development teams to identify areas of risk and solutions for improvement including development, infrastructure, and systems management. * Serves as an escalation point for all security incidents reported by users and/or security tools and drives resolution efforts. * Support the identification of potential vulnerabilities within systems, networks, DBs, applications and recommend suitable controls and countermeasures to mitigate such vulnerabilities. * Regularly tests and audits systems within the corporate IT and production environment for vulnerabilities and misconfigurations. * Advises IT, Hosting Operations and Development teams on secure configuration, installation, maintenance, and upgrades of infrastructure and applications as well as evaluation of new products as it relates to security. * Creates, provides, and improves upon documentation and training to internal departments to facilitate secure day-to-day operations. * Plays an important role in establishing and maintaining compliance programs as needed * Architects, designs, implements, maintains and operates information system security controls and countermeasures. * Conducts internal penetration testing assessments (e.g., network, web applications, wireless networks). * Work with the CSIRT Technical Lead in order to properly analyze, contain, eradicate, and recover a security incident. Work Experience: * Minimum 5+ years of experience in the field of security in the following areas: security engineering, incident response, system, application and network security, vulnerability management, threat modelling, penetration testing, intrusion detection, firewalls and encryption technologies. * Minimum 5+ years of experience in the information security field with exposure to audit, risk management, data privacy, and regulatory and compliance practices. * Knowledge and experience of cloud infrastructure security; Azure, AWS, Google Cloud. * Knowledge and experience working with various security frameworks (e.g., ISO/IEC 2700x, NIST CSF, COBIT, OWASP) and audit frameworks (SOC 2). * Some Knowledge of Security Information and Event Management (SIEM) tools, network and operating system security features (e.g., Windows, Linux, Ubuntu) and network security technologies (e.g. firewalls, filtering routers, authentication mechanisms, IPSEC VPN, server hardening). * Experience in scripting languages such as Python, Ruby, Perl, Bash and/or PowerShell * Have hands-on experience with tools and technologies used throughout secure SDLC * Hands on experience with managing security awareness and training such as online training modules, lunch and learns, periodic security communication, and simulated phishing campaigns. * Demonstrated experience drafting documentation including functional and system requirements, configuration management plans, disaster recovery plans, user guides, system security plans, and production data waivers. * Familiarity with attack vectors and its customer impact. * Demonstrated experience working effectively across internal and external organizations * Demonstrated experience in the following areas of: * <li>Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies * ISO 27001/27002, ITIL and COBIT frameworks * Windows, UNIX and Linux operating systems * Perimeter security controls firewall, IDS/IPS, network access control and network segmentation * Router, switch and VLAN security; wireless security * Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies Job Skills: * Knowledge of practices and methods of IT strategy, enterprise architecture and security architecture * Knowledge of network security architecture development and definition * Knowledge of third-party auditing and cloud risk assessment methodologies * Security knowledge on current threats, trends and mitigations. * Ability to work in a collaborative team environment as well as independently when required. * Strong time management and prioritization skills and ability to multi-task across various projects in a high-paced work environment to meet deadlines and manage stakeholder expectations. Education: * Bachelor's Degree required with a concentration in Computer Science, Information Technology, and Information Systems * Master's Degree is a plus Certificates, Licenses and Registrations: * CISSP, CISM, SANS GIAC preferred * Sec+ Required Communication Skills: * Excellent verbal and written skills, ability to present proposals and performance data, comfortable interfacing all levels of organization * Ability to write clear and concise creative content in a highly confidential manner Travel: * Willing to travel (up to 5%) Environmental Requirements: * Mainly sedentary; in an office environment. May be required to lift up to ten (10) pounds * Flexible in working extended hours The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Unissant management reserves the right to modify, add, or remove duties and to assign other duties as necessary. In addition, where applicable and available, reasonable accommodation(s) may be made to enable individuals with disabilities to perform essential functions of this position. Please note: Candidate(s) will be required to go through pre-employment screening. Unissant, Inc. is a proud Equal Opportunity Employer! (EOE; M/F/D/V; AA) Unissant Bethesda MD

Security Engineer-C219d

Syapps