Job Requirements
Quantico, VA
Top Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries
Job Description
OVERVIEW:
We are seeking a highly skilled Cyber Security Architect/Engineer to provide technical expertise, guidance, documentation, and recommendations for the following: Systems, networks, and cloud environments (i.e., AWS, Azure, etc.); Developing technical solutions and new security tools to help mitigate vulnerabilities; Performing vulnerability management assessments, penetration testing, and risk analysis to identify and remediate weaknesses; Automation and scripting using languages like Python, Bash, or PowerShell to automate repetitive security related tasks and building custom tools; Compliance and hardening ensuring systems meet industry and government standards and implementing system hardening protocols (e.g., DISA- STIGs) and; Providing mentorship to junior engineers and collaboration across cross-functional teams to integrate security into the software development lifecycle.
GENERAL DUTIES:
REQUIRED QUALIFICATIONS:
DESIRED QUALIFICATIONS:
CLEARANCE:
We are seeking a highly skilled Cyber Security Architect/Engineer to provide technical expertise, guidance, documentation, and recommendations for the following: Systems, networks, and cloud environments (i.e., AWS, Azure, etc.); Developing technical solutions and new security tools to help mitigate vulnerabilities; Performing vulnerability management assessments, penetration testing, and risk analysis to identify and remediate weaknesses; Automation and scripting using languages like Python, Bash, or PowerShell to automate repetitive security related tasks and building custom tools; Compliance and hardening ensuring systems meet industry and government standards and implementing system hardening protocols (e.g., DISA- STIGs) and; Providing mentorship to junior engineers and collaboration across cross-functional teams to integrate security into the software development lifecycle.
GENERAL DUTIES:
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automating repeatable tasks
- Design secure cloud infrastructure blueprints for AWS, Azure, etc.
- Build automated security checks into deployment pipelines
- Implement continuous security monitoring, logging, and alerting systems
- Ensure cloud environments meet SOC2, ISO27001 and HIPPA standards
- Assist security personnel in responding to incidents across a wide array of technologies, mitigating and containing impacts, coordinating remediation efforts, and documenting recommendations for improvement to include cloud specific security alerts and vulnerabilities
- Define Identity and Access Management policies and encryption standards
- Provide up-to-date reports on security incidents and task process
- Maintain documentation to support security strategies for networks by outlining the requirements and benefits of specific security tools and/or solutions
REQUIRED QUALIFICATIONS:
- A bachelor's degree from an accredited college or university in Computer Science, Cyber Security, Engineering, Cybersecurity, or related field.
- Industry-recognized security credentials such as CISSP, CISM, Security+, CCSP, CSPM, and CNAPP, or similar certification.
- AWS Certified Security - Specialty; Microsoft Certified: Azure Security Engineer Associate.
- At least six (6) years of experience as a Cyber Security Architect/Engineer in a corporation, government, or commercial firm.
- At least three years of experience securing enterprise cloud infrastructure (e.g., AWS, Azure, etc.)
- Proficient with Infrastructure as Code security tools (Terraform, CloudFormation).
- Ability to engineer and deploy security toolsets to include SIEM (Splunk), EDR (CarbonBlack), Vulnerability scanners (Nessus, Qualys) and analytics solutions (Elastic Stack (Elasticsearch, Logstash, Kibana - ELK), or similar).
- Experience scripting with Python, Bash, or PowerShell for security automation.
- Deep knowledge of networking protocols (TCP/IP, DNS, HTTP/HTTPS) and firewalls.
- Proficiency in securing both Linux and Windows environments.
- Experience with container security (Docker, Kubernetes) and cloud-native security tools.
- Experience conducting security assessments, penetration testing and/or ethical hacking, and identifying and mitigating vulnerabilities.
- Excellent analysis and critical thinking skills.
- Exceptional leadership and organizational skills.
- Experience working with technical teams in customer environments
- Excellent oral and written communication skills.
DESIRED QUALIFICATIONS:
- Architect and operate a hybrid SIEM stack spanning Microsoft Sentinel and Splunk Enterprise across on-prem, Azure, AWS; design ingestion pipelines (DCR/AMA, Splunk UF/HF/HEC), normalization with ASIM/CIM, and cross-workspace/cross-tenant event sharing.
- Lead security architecture reviews and reference designs aligned to Zero Trust, NIST 800-53/207, CNSSI 1253; deliver threat models, control mappings, and security data flow diagrams for collection networks.
- Build and maintain detections-as-code: author and version KQL/SPL analytics, watchlists, and entity behavior rules with MITRE ATT&CK coverage.
- Administer a proactive threat-hunting program using KQL/SPL, Jupyter notebooks (MSTICPy), Sigma conversion, and purple-team ATT&CK emulations; convert hunt findings into resilient analytics and anomaly baselines.
- Optimize telemetry governance and cost: table/namespace policies, retention tiers/archival, Splunk license and index strategy, Sentinel ingestion caps and data filters in addition to egress controls for sensitive / classified data.
- Establish incident response operations and service level objectives: unify case management (Sentinel Incidents, Splunk ES Notables), evidence handling, post-incident reviews, and executive dashboards/metrics for readiness and dwell time.
- Provide tiered platform support and enablement: backlog grooming, rule/playbook quality assurance, change control, analyst/admin training, and Authority-to-Operate/Risk Management Framework continuous monitoring package updates as required.
CLEARANCE:
- Active Top Secret minimum clearance
group id: 90943786