Peraton
Security Engineer
Peraton, North, South Carolina, United States, 29112
Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated solutions and technologies to protect our nation and allies.

Peraton is seeking an experienced and highly skilled Security Engineer to join our growing security team. The ideal candidate will bring years of hands-on experience in designing, implementing, and managing security solutions in a large, multi-tenant environment. In particular, this individual will have deep expertise in cloud security technologies, specifically within Azure and AWS environments, as well as experience with key security tools such as CrowdStrike, Splunk, and Tenable.io. Experience with additional EDR, SIEM, or vulnerability assessment tools is highly preferred. The Security Engineer will be responsible for securing and monitoring cloud-based infrastructures, managing endpoint security solutions, and working with vulnerability management tools to ensure the organization's security posture is robust and proactive. This is an excellent opportunity for a seasoned security professional with a strong background in networking, application security, and security operations
to make a meaningful impact on a large-scale enterprise environment.

Day to Day Work Responsibilities:

Cloud Security: Design, implement, and manage security controls in AWS and Azure cloud environments, including identity and access management (IAM), encryption, networking security, and monitoring. Ensure cloud security best practices are followed and leverage native security tools (e.g., AWS Security Hub, Azure Security Center) alongside third-party solutions. Implement cloud infrastructure security monitoring, ensure proper segmentation and access control policies, and safeguard cloud workloads and data.

EDR and Endpoint Security: Hands-on configuration, management, and troubleshooting of CrowdStrike (or other endpoint detection and response tools), ensuring optimal endpoint protection across the enterprise. Work with internal teams to monitor and respond to security alerts, review threat intelligence data, and escalate or remediate incidents as necessary. Tune EDR systems to improve detection capabilities, reduce false positives, and enhance incident response effectiveness.

SIEM Management and Incident Response: Administer, configure, and maintain Splunk or other SIEM platforms for comprehensive event logging, correlation, and analysis. Develop and tune Splunk queries and dashboards to enhance visibility into security events and incidents. Support incident response by leveraging SIEM data to investigate alerts, conduct forensics, and assist in the triage and resolution of security incidents.

Vulnerability Management: Implement and manage vulnerability assessment tools, primarily Tenable.io, to perform scans and identify weaknesses across enterprise systems, applications, and networks. Collaborate with vulnerability management teams to prioritize and remediate vulnerabilities, track mitigation efforts, and verify that vulnerabilities are properly addressed.

Security Architecture and Design: Work closely with architecture and development teams to design secure systems, applications, and networks, with a focus on preventing vulnerabilities and improving system resilience. Provide security input and guidance during the development lifecycle, ensuring secure coding practices and the proper use of security controls.

Network Security: Apply your expertise in network security to configure and maintain secure network architectures, including firewalls, VPNs, proxies, and intrusion detection/prevention systems (IDS/IPS). Work to detect, prevent, and respond to network-based threats and anomalies. Understand and implement network segmentation, micro-segmentation, and secure access policies to minimize attack surfaces.

Automation and Integration: Automate repetitive security tasks, improve security operations workflows, and integrate security solutions to streamline monitoring, alerting, and incident response. Implement and manage security orchestration, automation, and response (SOAR) solutions to improve incident detection and response times.

Security Monitoring and Threat Intelligence: Continuously monitor cloud and on-premise infrastructures, endpoints, and networks for threats using advanced security monitoring tools. Analyze threat intelligence feeds to identify emerging risks and proactively implement measures to defend against new attack vectors. Stay updated on the latest threat trends, vulnerabilities, and exploit techniques, and share knowledge with other team members.

Collaboration and Documentation: Work closely with cross-functional teams (engineering, IT, operations, etc.) to ensure security best practices are integrated throughout the organization's systems, applications, and processes. Maintain detailed documentation of security architecture, configurations, processes, and incident reports for audit and compliance purposes. Provide training, mentorship, and guidance to junior security team members.
Qualifications

Basic Qualifications:
Minimum of 5-7 years of professional experience in security engineering or a similar role in a large, multi-tenant environment.
Hands-on experience in cloud security with AWS and Azure, including managing IAM policies, securing cloud infrastructure, and implementing cloud security best practices.
Proficient with EDR tools such as CrowdStrike, with experience in the deployment, configuration, and troubleshooting of endpoint security solutions.
Strong expertise with SIEM platforms, especially Splunk, for security event management, monitoring, and incident response.
In-depth knowledge of vulnerability assessment tools, particularly Tenable.io, and experience running scans, interpreting results, and remediating vulnerabilities.
Strong background in networking technologies (TCP/IP, DNS, HTTP/HTTPS, VPNs, firewalls, etc.) and network security protocols (SSL/TLS, IPsec, etc.).
Proficient with operating systems (Linux, Windows, Unix) and their associated security controls.
Experience with application security, including secure coding practices, vulnerability scanning, and threat modeling.

Preferred Qualifications:
Bachelor's degree in Computer Science, Information Security, Network Engineering, or a related STEM field.
Familiarity with security automation and orchestration platforms (e.g., SOAR solutions).
Certifications (one or more of the following is a plus): CISSP (Certified Information Systems Security Professional); AWS Certified Security – Specialty; Azure Security Engineer (Microsoft Certified: Azure Security Engineer Associate); CEH (Certified Ethical Hacker); CompTIA Security+; or other relevant security certifications.
Experience with other EDR, SIEM, or vulnerability management tools such as Palo Alto Networks, Rapid7 Nexpose, or Qualys is a plus.
Familiarity with container security (e.g., Docker, Kubernetes) and securing CI/CD pipelines.
Excellent problem-solving skills, with the ability to investigate complex security incidents and root causes.
Strong communication skills, both written and verbal, with the ability to explain complex security concepts to technical and non-technical stakeholders.
Ability to work in a fast-paced environment, manage multiple priorities, and meet deadlines.

Working Conditions:
Full-time position located at [Insert location] or available for remote work based on company policies.
Occasional on-call availability for critical security incidents.
Collaborative, fast-paced work environment with opportunities for continuous learning and career development.

Target Salary Range
$112,000 - $179,000. This represents the typical salary range for this position based on experience and other factors.