Senior Security Engineer Lead in DC with Security Clearance
Base One Technologies
2024-11-05 18:45:33
Washington, District of Columbia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Our DC Metro based client is looking for Senior Security Engineer Lead . If you are qualified for this position, please email your updated resume in word format to Primary Responsibilities:
• Provide leadership, coaching, and mentorship to infrastructure team members
• Conceptualize, Design, Build, and Maintain current and future NOSC supported tools and platforms
• Manage multiple assignments, changing priorities, and work independently with little oversight
• Support all support, guidance and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the same
• Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levels
• Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required
• Conduct network security architecture reviews to determine the size, and placement of intrusion monitoring equipment during the customer onboarding process
• Documentation and Reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task order
• Draft technical documentation, reports, and presentations as needed for customer or internal use
• Resolve Linux system errors and crashes, disk space problems, huge file system and full disk errors
• Implementation and troubleshooting of Linux network services such as NFS, NTP, FTP, SSH, DNS, Sendmail and STIG them using DISA guidelines
• Configure LDAP server and LDAP client on Linux machines for authorization and authentication
• Experience in backend solution, day to day system admin and monitoring, file system management and disk management and creation of shell scripts for the automation of tasks and the extraction of logs
• Hardware and software installations, upgrades, maintenance, security analysis and network performance and tuning of Linux servers in a virtual infrastructure
• Define system security & design requirements to meet FISMA and FedRAMP compliance standards
• Perform analysis of security posture by reviewing vulnerability and compliance scans and making recommendations for remediations and managing POAMs
• Strong expertise in Security Audit and Assessment, ATO controls and security frameworks including NIST SP 800-53, FedRAMP, Risk Management Framework
• Support operations across multiple geographic locations
• Develop solutions to complex technical issues
• Knowledge of Cisco Switches and Routers
• Provide follow-up reports (technical findings, feedback, resolution steps taken) for Root Cause analysis, engineering technical assessment and process improvement initiatives
• Providing training and documentation for the rest of the team to follow and understand
• Reviews and approves documentation and diagrams created by IT team members (e.g., system specifications). Writes documentation, including technical standards and processes
• Communicates with project manager on a frequent basis. Identifies tasks and issues that may have an impact on service levels or schedules. Provides realistic task and cost estimates
• Maintains a current and working knowledge of IT development methodology, architecture design, and technical standards. Mentors IT staff and identifies training needs. As new standards are instituted, ensures their usage by team members
• Communicates with other technical leads, IT groups, and clients so they understand the project's technical implications, dependencies, and potential conflicts. Evaluates the impacts of change requests on own/shared technologies and effectively persuades and influences others on ideas
• Reviews and approves documentation and diagrams created by IT team members (e.g., system specifications). Writes documentation, including technical standards and processes
• Considerable network engineering understanding with exposure to Juniper, Dell Fabric, Cisco routing, and switching
• Network engineering skill in network systems design (Visio, Excel, words, Documentation)
• Understanding network security (firewalls and IDS) design and implementation
• Experience with Cisco routing and switching products Basic Qualifications
Basic requirements that the recruiter should use as a filter:
• Bachelor's and 12-15 years of experience in leading Infrastructure team, system administration, database administration, network engineering, software engineering, or software development, with a concentration in Cybersecurity
• Experience Installing, configuring, securing, and troubleshooting CentOS, RHEL, or Ubuntu Linux Administration
• Extensive automation experience with PowerShell and Shell Scripting for automating Linux installs
• Experience mentoring junior personnel
• Extensive knowledge of DELL (Power Edge) and other Enterprise Servers
• Extensive knowledge of Ansible, Satellite, and VMWare ESXi/VCenter
• Network experience and understanding with the following: TCP/IP, NIS, NFS, DNS, DHCP, FTP/TFTP, SSH, SFTP, ARP
• Experience with storage tools such as NAS (NFS, SAMBA, RAID 0/1/5/6/10) and SAN (iSCSI, FiberChannel)
• Hyper Converged Infrastructure (HCI)
• Cloud and VMWare skills - Understanding of cloud terminology, architecture, and tools to include: installing, provisioning and monitoring
• Strong capabilities to assist with automating manual installation and maintenance/patching tasks and utilization of such tools as provisioning environments with Ansible
• Strong technical, analytical, and interpersonal skills
• Superior attention to detail with excellent written and verbal communication skills
• Excellent problem solving, research, and follow-up skills
• Self-motivation and ability to work independently
• Experience working with FireEye or Firepower
• Experience working in an Agile development environment
• Department of Homeland Security NOSC employees are required to obtain an Entry on Duty (EOD) clearance to support this program
• Candidate must, at a minimum, meet one of these certifications: GCUX: GIAC Certified Unix Security Administrator, Linux+ (CompTIA Linux+ Powered by LPI), LPI (Linux Professional Institute) Certifications, Oracle Linux OCA or OCP, Oracle Linux 6 Certified Implementation Specialist Certification, or Red Hat RHCSA, RHCE, CISSP,CCNP, CCNA, CCIE Security, CEH, MCSE
Preferred Qualifications
• Experience automating management tasks with Ansible, Puppet, or Chef
• Experience with Gigamon or Suricata
• Experience working in AWS and Azure
• Experience developing in Bash, Python, YAML
• Experience working with SIEM tools such as Splunk
Knowledge of CASB or Zscaler is a plus Potential for Telework: No
Clearance Level Required:Top Secret/SCI
Travel: No
Scheduled Weekly Hours: 40
Shift: Day