Note: The job is a remote job and is open to candidates in USA. Tria Federal delivers digital services and technology solutions that support the health and safety of veterans, service members and civilians. They are seeking a Senior Security Engineer to support the transition and maintenance of required federal program security documentation and security processes, focusing on security operations and vulnerability monitoring.
Responsibilities
- Engineer, implement, and monitor security measures for the protection of computer systems, networks, and information
- Identify and define system security requirements
- Design computer security architecture and develop detailed cyber security designs
- Prepare and document standard operating procedures and protocols
- Configure and troubleshoot security infrastructure devices
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Ensure that the company knows as much as possible, as quickly as possible about security incidents
- Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement
- Video documentation of Proof of Concept or Vulnerability Exploitation
- Maintain ATOs and all security documentation, including, but not limited to: SSP, CP, ISRA, TableTop Exercises, and PIA
- Manage Splunk, AppOmni, and AWS integrations to completion
Skills
- Ability to obtain a U.S. Federal Position of Trust clearance designation
- Must reside in and be able to perform work in the United States
- Must have lived in the United States for 3 of the last 5 years
- Bachelor's degree in cybersecurity, computer science, engineering, technology, data science, statistics, analytics, or related quantitative and software development field
- Candidate in the DMV area will be required to travel to our Baltimore office (Woodlawn MD) once a week (Tuesday)
- Proven work experience as a system security engineer or information security engineer
- Thorough knowledge of NIST 800-53 controls, ATO processes, and FedRAMP systems
- Required to maintain ATO for systems and perform during annual Adaptive Capabilities Testing (ACT)
- Thorough understanding of the latest security principles, techniques, and protocols
- Experience with Kali, Linux, and Windows Operating Systems
- Knowledge of static and dynamic code testing
- Experience in building and maintaining security systems
- Detailed technical knowledge of database and operating system security
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
- Experience with network security and networking technologies and with system, security, and network monitoring tools
- Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
- Problem solving skills and ability to work under pressure in a fast-paced environment
- Familiarity with Cloud Computing Platforms (AWS, Azure, Google)
- Proficiency with Nessus, Burp Suite, ZAP, and OWASP
- Writing scripts with Python, Bash, and PowerShell
- Experience with Splunk, AppOmni, and AWS
- Strong analytical, troubleshooting, and problem-solving skills
- Excellent written and verbal communication skills
- Must show appetite for active learning, embracing change and mentoring others in organization
- CISSP
- AWS Security Certification
- Certified Authorization Professional (CAP)
- Certified Ethical Hacker (CEH)
- Certified Network Defense Architect (CNDA)
Benefits
- We offer a top-tier benefits package to invest in your physical, mental, and financial health and wellness so that you can be your best self - at work *and* in life.
- Opportunities to learn new skills, seize new challenges, and advance your career as we grow.
Company Overview