Defense Point Security
  • Greenbelt, MD, USA
  • Full Time

Do you want to work for a company that is passionate about security and has a fun, start-up culture with large company perks? Do you want to be in an environment where you will continuously learn new skills, grow and take on new opportunities due to the abundance of new projects on the horizon?

If you answered yes to these questions, this opportunity could be for you! 

Defense Point Security offers a competitive benefits package to include:

  • Medical, Dental, Vision Insurance Premiums are 100% paid by DPS for employee and eligible dependents
  • Personal Accident Insurance paid by DPS
  • Life Insurance paid by DPS
  • Short- and Long-Term Disability Insurance paid by DPS
  • 401k Contribution Matching and 100% vested after 90 days
  • Flexible Spending Accounts 
  • Commuter Assistance
  • Paid Time Off starting at 3 weeks a year (15 days)
  • 10 paid Federal Holidays
  • Capital BikeShare Membership for DC Metro Area
  • Reimbursement for qualifying training expenses
  • Flexible / Alternative Work Schedule

Defense Point Security is seeking a Senior Security Engineer in Greenbelt, MD. This role typically operates on a Monday-Friday schedule but may require occasional night or weekend work as required.

Senior Security Engineer Job Responsibilities:
The Senior Security Engineer will work seamlessly with the Security Engineering Leads to conduct security engineering activities, to include:

  • Design, implement and monitor security measures for the protection of web sites, networks and information privacy
  • Identify, define & implement system security requirements for external and internal facing web applications
  • Work with the Infrastructure and Engineering Staff to incorporate tools and best practices that ensure control requirements are addressed to promote a robust security posture for the communications aspects of applications in both a private on premises data centers and public cloud offerings.
  • Conduct assessments using COTS and other tools to ensure coding practices are followed and effective as well as identify risks.
  • Ensure the secure design, architecture, installation, configuration, hardening, and remediation for software applications to protect organizations' sensitive information for On-Premise and Cloud environments.
  • Validate that system and application design and architecture meet best practice Security standards
  • Develop strategies to respond to and recover from a security breach. Information Security Engineers are also responsible for educating the workforce on information security through training and building awareness.
  • Follows documented application technical approaches to assess threats and residual risks, along with specifying the implementations required for customer
  • Utilizes the organization tasking tracking database, framework and application to manage security operations and make the necessary reports based on due dates, assignments, coordination requirements, percent of completion, completion and archival. Devises solutions to operational problems within the capacity and operational limitations of installed equipment.
  • Analyzes change requests for security impacts to applications and provides recommendations to leadership.
  • Monitors and tracks application related security defects and resolutions; assigns tasks to the appropriate working group or individual. Coordinates and facilitates working groups and integrated process teams to achieve solution.
  • Assists in establishing and implementing a Continuous Diagnostics and Mitigation (CDM) capability within application environments to ensure integrated security controls
  • Focuses on application interface management as it relates to security impacts and networking needs between Cloud and on premises Data Centers, and Cloud and Internet (VPN) users
  • Works within a Sprint to ensure engineering features and enhancements include security requirements and meet Federal directives. Acts as a bridge between project teams or developers and security personnel, by being able to understand and interface in all areas. Identifies specific areas of concern related to securing sensitive data in a both a cloud and data center environment.
  • Provides thought leadership to provide guidance and best practices
  • Provides expertise with Federal Requirements related to special classifications of data especially Title 13 and 26, FISMA, FedRAMP. NIST, etc.
  • Generates documentation as required.

Senior Security Engineer Job Qualifications:

  • This position requires US Citizenship due to our Federal contractual obligation.
  • Masters Degree and 12 years of IT or Bachelors Degree and 16 years of IT experience
  • 6+ years of direct experience supporting a SOC in a security engineering capacity
  • Experience implementing, operating and maintaining one or more of the following technologies: Digital Guardian (DLP), Gigamon, Moloch, Phantom, Trustwave DBProtect, Cylance, Splunk Enterprise, Tanium, Cisco Firepower (IDS) and/or Infoblox.
  • Experience performing Enterprise level security hardening for Windows, Linux, Android and/or iOS operating systems and SQL, Oracle, and RDS database solutions in accordance with Center for Internet Security (CIS) and Security Technical Implementation Technical Guides (STIGs)
  • Familiarity with the Risk Management Framework (NIST 800-37), Security Controls as described in NIST 800-35, and the Federal Information Security Modernization Act (FISMA) operating standards and applicable guidelines

Senior Security Engineer Preferred Qualifications

  • Certifications: CISSP, CCNP, AWS SA, applicable MS certs
  • Acquisition, design, deployment, installation, maintenance, and usage of the Government Enterprise networks.
  • Engineering solutions within multiple Cloud Service Providers, in particular AWS.
  • Understanding of the Amazon Web Services (AWS) Well Architected Framework
  • Experience with automating server configuration for security including logging, key changes, and system hardening.
  • Knowledge of web application attacks and defense strategies including those found in the OWASP Top 10 and mobile Top 10Knowledge of encryption, key management and cryptology
  • Experience with risk analysis, root cause analysis, risk identification, and risk mitigation

Job Location: Greenbelt, MD

Position Type: Full-Time/ Regular

All candidates must be clearable.

To see other locations please see the Security Engineering Career Menu on defpoint.com

Defense Point Security is an Equal Opportunity / Affirmative Action Employer. We are committed to hiring and retaining a diverse Community workforce. DPS gives equal consideration to all qualified candidates without regard to race, color, religion, creed, gender identity, national origin, sex, pregnancy, marital status, age, sexual orientation, disability, veteran status, or any other protected class. 

Defense Point Security
  • Apply Now

    with our quick 3 minute Application!

  • * Fields Are Required

    What is your full name?

    How can we contact you?

  • Sign Up For Job Alerts!

  • Share This Page
  • Facebook Twitter LinkedIn Email
.
Logo Home Corporate Info Services R&D DPS News Careers Search