Cybersecurity Metrics and Reporting Lead overseeing development of security metrics and dashboards. Collaborating with teams to improve cybersecurity program effectiveness and compliance tracking.
About the role
- Security Engineer supporting civilian federal agency to implement cloud security controls and identity management solutions. Collaborating with IT and application teams to ensure compliance and security standards.
Responsibilities
- Implement, and operate ICAM solutions, including identity lifecycle management, authentication, authorization, and access governance.
- Implement Zero Trust Architecture in alignment with NIST SP 800-207, emphasizing continuous verification, least privilege, and identity-based access.
- Deploy and support SASE / SSE capabilities, including ZTNA, Secure Web Gateway, CASB, and Firewall-as-a-Service.
- Support PIV smart card and certificate-based authentication across users, device, application, and cloud environments.
- Operate, and maintain PKI and certificate management services, including certificate issuance, renewal, revocation, and automation.
- Engineer and secure cloud environments (AWS, Azure, or GCP), focusing on identity, networking, logging, and secure configurations.
- Perform vulnerability scanning, risk prioritization, and coordination of remediation activities.
- Support patch management efforts by validating system configurations and verifying remediation of security findings.
- Monitor security and identity events using SIEM and related tools; investigate and respond to security incidents.
- Participate in incident response activities, including alert triage, investigation, containment, eradication, and recovery.
- Develop and maintain incident response playbooks, runbooks, and post-incident documentation.
- Develop and maintain security engineering documentation, standards, and operational runbooks.
- Collaborate with IT, cloud, and application teams to integrate security controls into system designs and CICD pipelines.
- Provide compliance and audit support, including technical evidence for ATO, continuous monitoring, and remediation activities.
Requirements
- Proven experience in identifying and remediating vulnerabilities in both Linux and Windows environments with a strong understanding of compliance requirements.
- Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001.
- Proficiency in using security tools such as Nessus, ORCA, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools.
- Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets.
- Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks.
- Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
- Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders.
- Experience with IAM / ICAM platforms, identity federation (SAML, OAuth 2.0, OpenID Connect), and privileged access management.
- Hands-on experience implementing Zero Trust and/or SASE/SSE solutions.
- Strong knowledge of PIV/CAC, MFA, and certificate-based authentication.
- Practical experience with PKI, X.509 certificates, CRLs/OCSP, TLS, and key management.
- Experience securing cloud environments and integrating identity-centric controls.
- Knowledge of vulnerability management and patch management processes and tools.
- Familiarity with NIST SP 800-53, 800-63, and 800-207, and FISMA requirements.
- Ability to automate security and certificate lifecycle tasks using scripting tools.
- Strong written and verbal communication skills.
- Desire to work in a SAFe environment to support efficient delivery.
Benefits
- full benefits
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Senior Developer in Defensive Security for Clio, a leader in legal AI technology. Join a team to proactively tackle application security vulnerabilities and enhance security practices.
Intern role in emerging network systems at KBR Mission Technical Solutions. Focused on network interconnection problems and quality of service metrics in a collaborative environment.
Director of Product Security leading cybersecurity initiatives for medical devices at LivaNova. Ensuring patient safety and compliance with regulatory demands across product lifecycle.
Security Engineer driving modernization and improvements in KPMG's cybersecurity services. Engaging in technology evaluation, process innovation, and stakeholder communication.
Identity and Access Security Analyst at HII’s Newport News Shipbuilding focusing on SAP Security skills. Designing secure operating systems and conducting security assessments.
Senior Security Specialist ensuring compliance and security measures at Disney. Supporting audit processes and collaborating on risk assessments to enhance cybersecurity.
Risk Analyst supporting Keyloop’s Security Governance by managing information security risks. Identifying and monitoring risks while ensuring compliance with regulatory standards.
Cloud Security Engineer responsible for designing and implementing security controls for cloud environments at Keyloop. Ensuring secure adoption and compliance while working with platform and engineering teams.
IT Infrastructure & Security Engineer managing and developing network and server infrastructure at L - mobile. Collaborating on security measures and supporting internal audits in a hybrid role.