195 applicants

This job has closed.

Company

Original Job Post

Akima · 2 days ago

Senior Security Engineer

Herndon, VA

Full-time

Hybrid

Senior Level

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

ConstructionConsulting

Actively Hiring

Insider Connection @Akima

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Security Architecture & Design:

Design and implement secure system architectures, controls, and procedures aligned with industry best practices (NIST CSF, MITRE ATT&CK) and compliance frameworks.

Champion the integration of security considerations throughout the software development lifecycle (DevSecOps).

Stay informed on emerging security threats and trends to proactively improve our security posture.

Threat Detection & Response:

Oversee the implementation and tuning of security monitoring tools (SIEM, XDR) for effective threat detection and incident response.

Lead incident response activities, including investigation, containment, eradication, and recovery.

Develop and maintain security playbooks to ensure efficient incident handling.

Security Operations Management:

Manage and maintain security processes, ensuring continuous operational readiness and system protection.

Provide technical and analytical leadership for evaluating and recommending new security tools and technologies (cloud security, container security).

Collaborate across the organization to integrate security initiatives with business objectives.

Other:

Mentor junior security team members on best practices and security tools.

Develop, implement, and maintain the organization’s GRC framework to ensure compliance with industry standards and regulations.

Conduct risk assessments and analyze the potential impact on the organization’s operations, making recommendations to mitigate identified risks.

Monitor and evaluate compliance with security policies, procedures, and regulatory requirements

Collaborate with cross-functional teams to integrate GRC practices into business processes and ensure effective risk management.

Prepare and present detailed reports on compliance status, risk assessments, and mitigation strategies to senior management.

Facilitate internal and external audits, ensuring all necessary documentation and evidence of compliance are readily available.

Stay updated on evolving regulatory requirements, industry standards, and best practices in GRC.

Provide training and guidance to staff on GRC policies and procedures to promote a culture of compliance within the organization.

Manage incident response processes and ensure timely reporting and resolution of security incidents in accordance with regulatory requirements.

Performs work under minimal supervision. Handles complex issues and problems, and refers only the most complex issues to higher-level staff. Possesses comprehensive knowledge of subject matter. May act as a lead.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Information securitySecurity architectureThreat detectionSecurity operations managementIncident detectionForensicsSecurity information systemsFirewallsVPNsDLPIDS/IPSWeb proxiesPalo Alto productsStrata platformPanorama management systemCloud security principlesPrisma CloudSIEMSOARXDRFirewall configurationPolicy creationTroubleshootingScripting languagesAutomationSecurity toolingSystem security engineeringAnalyticalProblem-solvingDecision-making

Required

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (required)

Minimum 5-8 years of experience in information security, with a focus on security architecture, threat detection & response, and security operations management (required)

Experience with incident detection, response, and forensics (required)

Experience with design, delivery, and management of security information systems (required)

Strong analytical, problem-solving, and decision-making skills

Excellent communication, collaboration, and interpersonal skills

Ability to work independently and as part of a team

Ability to manage multiple priorities and meet deadlines in a fast-paced environment

Working knowledge of security technologies including firewalls, VPNs, DLP, IDS/IPS, and web proxies

Knowledge of Palo Alto's core products, especially the Strata platform which includes physical firewalls and the Panorama management system

Ability to design, deploy, operate, and manage Palo Alto firewall solutions

Familiarity with cloud security principles and Palo Alto's cloud offerings like Prisma Cloud

Understanding of security operations concepts like SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation and Response), which are relevant for XDR

Hands-on experience with Palo Alto firewall configuration, policy creation, and troubleshooting

Cisco or Palo Alto certifications (CCNA, CCIE, PCNSE, PCDRA)

Experience with threat detection, incident response, and forensics methodologies

Proficiency in scripting languages (Python, Bash) for automation and security tooling

Strong understanding of system security engineering (SSE) principles and processes