SecDevOps Architect

Employment Type

: Full-Time

Industry

: Miscellaneous



Our client is looking to hire a Sr. Security Architect / Engineer in either: Kansas City, Fort Worth, or Washington DC. This is a permanent full time opportunity and it pays up to $120,000!

Love really interesting security projects and plenty of variety in the work you do?! If you want a challenge and want to grow and work with a dedicated and supportive team then this is the role for you!

We’re looking for a Sr. Security Architect/Engineer to join our growing team. The client is a Cybersecurity company delivering cutting-edge security solutions to our Government clients. This is your chance to work with a wide range of security technologies, and develop new security solutions in the cloud and in on-premise data centers. You’ll join a skilled team supporting application white-listing, vulnerability scanning, web application scanning, integrity monitoring, and a large enterprise SIEM solution for our fantastic client. The successful candidate will have a strong background in IT Security Engineering, will be driven and focused on learning and developing their skills. If you’ve got that ‘can-do’ attitude and possess the skills below, we’d love to talk to you about this exciting opportunity.

Our client offers great benefits and many opportunities for you to grow your technical skills through supporting innovative projects that will challenge and reward you.

The successful candidate must have a minimum of 4 years of IT Security experience and experience in some of the following areas:

  • 4+ years experience with Network Vulnerability Scan tools. Ideally Tenable Nessus (Security Center) or Tripwire IP360. You must have experience deploying DPs (scanners), configuring the product console (e.g. Security Center), upgrading and tuning the product, and experience troubleshooting issues with the console and various scan issues such as host authentication. You must be able to explain your autonomous role with these tools. You must also be knowledgeable about different types of Vulnerabilities and their mitigation.
  • 4+ years experience with systems administration: The successful candidate must have experience with Windows and Linux/UNIX server operating systems. You will understand permissions in both OS types and be familiar with authentication mechanisms particularly as it relates to scan tools. You must have experience installing and configuring both operating systems.
  • 4+ years experience with Web application or Database Scan tools. Ideally Webinspect/nCircle/DBprotect. You will have a good understanding of web application and database scan tools. You will understand how web applications are architected and how they interact with databases. Experience with scripting in Powershell, bash, perl, and others is definitely favorable. You must be familiar with tool deployment/tuning/upgrade and be able to run scans, fix issues, and explain reports to clients.
  • 4+ years experience analyzing and interpreting scan reports . You will be able to explain the details to ISSOs and clients with more a more limited security background within government business units. You must have experience in guiding the remediation (patching) process.
  • 4+ experience supporting a government client's compliance with FISMA , including SCAP experience. You should have some experience with FISMA, particularly its application in terms of Continuous Monitoring and Continuous Diagnostics and Mitigation.
  • Required Education:

  • Bachelors Degree in IT/Security
  • CISSP or GSEC
  • Responsibilities Include:

  • Provide technical leadership for existing and new security solutions for our client. Plan, design and lead the way
  • Be able to work autonomously
  • Security tool development: researching, planning, and implementing new tool features to make security tools more effective and add value for our client
  • Configuring and running host vulnerability scans, web application scans, adding new hosts to weekly and monthly scan lists
  • Further developing scan tools to continue to develop our client’s continuous monitoring program
  • Interpreting vulnerability and web application scan reports and explaining these to internal customers to assist with remediation efforts
  • Configuring and developing an enterprise SIEM solution including signature tuning, development of correlation rules, reports, and alarms
  • Researching and developing new security solutions
  • Research security vulnerabilities and provide reports as needed.
  • Triage security vulnerabilities and recommend mitigation suggestions based on knowledge of the environment
  • Troubleshooting issues with security tools. Owning the problem and seeing it through to resolution
  • Deploying new security tools, configuring their host systems and the tool from an out-of-the-box configuration to a production-ready state
  • Document existing and new solutions
  • Mentor and assist other Security Engineers on the team

  • Launch your career - Create your profile now!

    Create your Profile

    Loading some great jobs for you...