Be an early applicantLess than 25 applicants

Company

Original Job Post

myGwork - LGBTQ+ Business Community · 2 days ago

Senior Security Engineer

Rockville, MD

Full-time

Hybrid

Senior Level

$106K/yr - $200K/yr

5+ years exp

Wonder how qualified you are to the job?

Maximize your interview chances

Internet

Insider Connection @myGwork - LGBTQ+ Business Community

Discover valuable connections within the company who might provide insights and potential referrals, giving your job application an inside edge.

Responsibilities

Apply established and ad hoc processes and techniques to identify, validate, prioritize, and track security risks.

Identify uncontrolled risks and recommend control improvements.

Proactively identify security requirement deficiencies.

Engage business and technology personnel to elicit security requirements.

Architect and design security control systems to address requirements.

Operate and monitor established security controls.

Identify control deficiencies and make appropriate recommendations.

Ensure that controls are operating effectively; resolve operating discrepancies.

Review, triage, and prioritize control output.

Take appropriate action to resolve security discrepancies.

Identify, evaluate, and recommend new security technologies, techniques, and tools.

Define, review, and promote information security policies, standards, guidelines, and procedures.

As compliance subject matter expert, enforce and monitor compliance with internal and external regulations, policies, and standards.

Establish and promote strategies to ensure that compliance is effectively monitored and enforced.

Lead/Co-lead internal process improvement initiatives. Provide feedback on processes by offering suggestions.

Mentor and supervise junior staff in project-level tasks.

Assist with adherence to technology policies and comply with all security controls.

Ensure all work products meet/exceed FINRA standards.

Good technical understanding of network fundamentals and common Internet protocols.

Technical understanding of the permissions, roles, and security within both O365 tenant and Azure Cloud.

Understanding of Windows OS, both desktop and server versions. Includes knowledge of Windows security, events registry.

Understanding of Microsoft Group Policy and Intune policy and security.

Must have a demonstrated capability to write scripts and code in PowerShell.

Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.

Operational experience monitoring system logs, skills with a SEIM (ability to search and build complex queries).

Distinctive investigative, problem-solving, and analytical skills.

Technical security certifications like Security+, Ethical Hacking or GIAC Security a plus.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Network securitySystems architectureSecure software assuranceIntrusion detectionIncident responseSecurity configuration managementAccess controlsSecurity policy developmentCommunications protocolsCyber security toolsConfiguration assessmentLog aggregationIntegrity verificationWeb application security testingNetwork access controlIntrusion prevention systemsEndpoint security solutionsInformation security principlesProblem-solvingCommunicationRelationship buildingOrganizationAdaptabilitySecurity+Ethical HackingGIAC Security

Required

Bachelor's degree in Computer Science, Information Systems or related discipline with at least five (5) years of related experience, or equivalent training and/or work experience.

Direct experience in several key areas: securing networks and systems architecture, design and implementation, secure software assurance, intrusion detection, defense and incident response, security configuration management, access controls design and implementation, and security policy and standards development.

In-depth knowledge of one or more communications protocols.

Experience with more than one Cyber Security tools, including Configuration Assessment, Log Aggregation, Integrity Verification, Web Application Security Testing, Network Access Control System, Network Intrusion prevention systems, and Endpoint Security Solutions.

Strong written and verbal technical communication skills.

Demonstrated ability to develop effective working relationships that improved the quality of work products.

Well organized, thorough, and able to handle competing priorities.

Ability to maintain focus and develop proficiency in new skills rapidly.

Ability to work in a fast-paced environment.

In-depth knowledge of more than one Information Security principle and discipline.