Sr. Cloud Security Engineer - US Citizen (no C2C candidates please) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Tier One Technologies, LLC · 4 hours ago

Sr. Cloud Security Engineer - US Citizen (no C2C candidates please)

positionUnited States
timeContract
remoteRemote
senioritySenior Level
date5+ years exp

Tier One Technologies is seeking a Sr. Cloud Security Engineer to support our direct US Government client. This role involves managing application security functions and providing cybersecurity expertise to ensure the security of agency infrastructure, systems, and information.

Information Technology & Services
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Responsible for the application security function and for information technology security (Cybersecurity/InfoSec) engineering, and design and serves as a technical expert authority
Solve significant problems complicated by interfaces and inter-relationships between and among programs, systems, functions, applications, and numerous critical issues for agency-wide information technology solutions, operations, and maintenance supporting the security of agency infrastructure, systems, and information
Manage and administer a wide range of security systems and tools:
Administer and operate cloud-based security tools such as, Azure Security Center (Sentinel, Log Analytics, Azure WAF, Defender for Identity, Privileged Identity Manager); Microsoft 365 Security Suite (Defender, Advanced Threat Protection, Cloud Application Security, Protection Portal); Microsoft Security and Compliance Center; Microsoft Endpoint Manager (Intune); multi-factor authentication (MFA); web content filtering; and secure document sharing and collaboration solutions
Responsible for primary or alternate management of all IT Security systems including patch management, upgrades, integration engineering, and reporting
Manage security incident detection, response, remediation
Conduct cyber threat and vulnerability analysis and remediation
Develop security metrics and manage reporting and compliance
Serve as Incident Response Team member
Support operational implementation of FISMA/NIST standards and industry best practices
Manage IT Security awareness training program in coordination with the Learning Management team, to include developing and delivering IT Security awareness training modules
Manage Password Management system in coordination with Service Desk
Respond to IT Security trouble tickets generated by customers and IT staff. Identify solutions, work with customers and the team to execute solutions, and manage ticket input, updates, and resolution in the company’s ticketing system to maintain service level agreements
Support Security Operations and Engineering by providing technical solutions, support and expertise
Identify security risks and recommend risk mitigation strategies
Review new and existing systems to ensure baseline security requirements are met and to recommend security enhancements
Develop security architecture and technical solutions for security products
Develop and execute project plans to engineer, construct, deploy, and monitor/manage IT Security infrastructure solutions
Demonstrate in-depth understanding of security requirements associated with cloud-hosted environments, services, and solutions
Evaluate, recommend, and implement security controls associated with cloud-hosted environments, services, and solutions

Qualification

Cloud Security ToolsApplication Security AssessmentsCybersecurity StandardsSecurity CertificationsStaticDynamic TestingContinuous Integration/DeploymentManual Code ReviewSecurity Vulnerability AssessmentSecurity Testing PipelinesCoding LanguagesEffective CommunicationCollaboration Skills

Required

US citizenship is required
Bachelor's Degree in Cybersecurity/Information Technology Security or related field of study from an accredited college or university
5+ years of specialized experience with hands-on skills in performing IT Application Security Assessments and specialized experience in Secure SDLC and Source Code Analysis (Manual & Tools) on Web-based Applications
CERTIFICATIONS (One or more required): Certified Secure Software Lifecyle Professional (CSSLP), Certified Cloud Security Professional (CCSP), Offensive Security Certified Professional (OSCP), EC-Council Certified Application Security Engineer (CASE), GIAC Certified Web Application Defender (GWEB), Azure Developer Associate, Microsoft 365 Certified Security Administrator Associate, Microsoft Certified Azure Security Engineer Associate, Public Trust Investigation security clearance
Hands-on experience with Static and Dynamic Application Security Testing using tools like HP Fortify, HP WebInspect, HCL Appscan, Snyk, Checkmarx, Synopsys, and Veracode
Strong experience in Continuous Integration (CI) and Continuous Deployment (CD) practices
Proficiency implementing FISMA, NIST, OMB guidelines, and other Federal regulations and guidance. Experience interpreting and implementing FISMA/NIST requirements focused on the operational implementation and documentation of those requirements
Proficiency in manual code review with the ability to identify potential vulnerabilities and best coding practices
Expertise in application vulnerability and security assessments using various tools like Burp Suite Pro, OWASP Zap Proxy, DirBuster, Kali Linux, Metasploit Pro, Accunetix, Insight AppSec, GitLab, Coverity, Fortify, and GitHub Enterprise
Working knowledge of security controls for cloud-hosted environments, applications, and services
Prior experience in assessing application vulnerabilities and bugs in various applications
Prior experience creating security testing pipelines and test plans
Ability to implement and deploy an organization-wide Application Security program (DAST and SAST) at the enterprise level to identify, report and remediate security vulnerabilities in development and production environments
Extensive experience in preparing test Plans, writing test Cases, test Execution and follow up remediation efforts
Familiarity with coding languages such as Java, .NET, Python, PHP, C++, C#
Effective communication and collaboration skills to work with cross-functional teams, business units, stakeholders, and IT professionals, and brief executives
Must be able to pass a drug screening, criminal history, and credit checks
Must have lived in the United States for the past 5 years
Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members)

Preferred

Advanced degree in Cybersecurity or related field (desired)
Secret Security clearance is preferred

Company

Tier One Technologies, LLC

twitter
company-logo
Tier One Technologies is a national technical consulting and services firm.
dateFounded in 2003
location
Canonsburg, PA, US
people-size11-50 employees
web-link
https://www.tier1technologies.com

Funding

Current Stage
Early Stage
Company data provided by crunchbase