General Dynamics Information Technology
Senior Cyber Security Engineer
General Dynamics Information Technology, Falls Church, Virginia, United States, 22042
Senior Cyber Security Engineer
Job Overview
We are seeking a highly experienced Senior Cyber Security Engineer to lead and enhance our organization's security posture. The ideal candidate will have 10 years of experience in cyber security, including 5+ years of hands-on experience in cloud security across platforms such as Azure, AWS, and/or Oracle Cloud. This role requires a deep understanding of the NIST Risk Management Framework (RMF), Cybersecurity Maturity Model Certification (CMMC), and related security requirements. The Senior Cyber Security Engineer will play a key role in reviewing and analyzing security measures to protect our systems and data from cyber threats. Key Responsibilities
Review and make recommendations for security controls across cloud and on-premises environments. Ensure compliance with NIST RMF, CMMC, and other regulatory security requirements. Develop and enforce security policies, standards, and best practices for cloud infrastructure and applications. Conduct risk assessments and security audits to identify and mitigate security risks. Collaborate with program teams to review security measures and make recommendations for improvement. Assist in the monitoring and response to security incidents, threats, and vulnerabilities, ensuring timely resolution and documentation. Support continuous monitoring efforts to ensure the security posture of multiple IT systems, operating multiple technologies, across multiple environments. Evaluate and recommend new security tools and technologies to strengthen cybersecurity defenses. Stay updated on emerging cybersecurity threats, industry trends, and best practices. Required Qualifications
5+ years of experience in cybersecurity, including security architecture, threat analysis, and risk management. 5+ years of cloud security experience, with expertise in Azure, AWS, and/or Oracle Cloud. Strong knowledge of NIST RMF, CMMC, FedRAMP, and other compliance frameworks. Proficiency with NIST special publications, 800 series (i.e. sp800-37, sp800-53, sp800-171). Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, and Endpoint Detection and Response (EDR). Proficiency in cloud security configurations, IAM, CIS Benchmarks or STIGs, log management, encryption, and network security. Experience conducting risk assessments, security audits, and incident response. Familiarity with Zero Trust Architecture and modern cybersecurity best practices. Familiarity with web applications security. Familiarity with penetration testing and common OWASP top 10 vulnerabilities. Strong analytical and problem-solving skills. Attention to detail with regard to assessment review and reporting. Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders. Preferred Qualifications
Relevant certifications such as CISSP, CISM, CCSP, CEH, or AWS/Azure Security Certifications. Experience with container security (Kubernetes, Docker) and DevSecOps practices. Knowledge of scripting and automation using Python, PowerShell, or other relevant languages. Location
On-Site (Hybrid) Salary Range
The likely salary range for this position is $127,500 - $172,500. Travel Required
Less than 10% Telecommuting Options
Hybrid Company Benefits
Our benefits package includes a variety of medical plan options, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, we offer employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. About Us
We are GDIT, a global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community.
#J-18808-Ljbffr
We are seeking a highly experienced Senior Cyber Security Engineer to lead and enhance our organization's security posture. The ideal candidate will have 10 years of experience in cyber security, including 5+ years of hands-on experience in cloud security across platforms such as Azure, AWS, and/or Oracle Cloud. This role requires a deep understanding of the NIST Risk Management Framework (RMF), Cybersecurity Maturity Model Certification (CMMC), and related security requirements. The Senior Cyber Security Engineer will play a key role in reviewing and analyzing security measures to protect our systems and data from cyber threats. Key Responsibilities
Review and make recommendations for security controls across cloud and on-premises environments. Ensure compliance with NIST RMF, CMMC, and other regulatory security requirements. Develop and enforce security policies, standards, and best practices for cloud infrastructure and applications. Conduct risk assessments and security audits to identify and mitigate security risks. Collaborate with program teams to review security measures and make recommendations for improvement. Assist in the monitoring and response to security incidents, threats, and vulnerabilities, ensuring timely resolution and documentation. Support continuous monitoring efforts to ensure the security posture of multiple IT systems, operating multiple technologies, across multiple environments. Evaluate and recommend new security tools and technologies to strengthen cybersecurity defenses. Stay updated on emerging cybersecurity threats, industry trends, and best practices. Required Qualifications
5+ years of experience in cybersecurity, including security architecture, threat analysis, and risk management. 5+ years of cloud security experience, with expertise in Azure, AWS, and/or Oracle Cloud. Strong knowledge of NIST RMF, CMMC, FedRAMP, and other compliance frameworks. Proficiency with NIST special publications, 800 series (i.e. sp800-37, sp800-53, sp800-171). Hands-on experience with security tools such as SIEM, IDS/IPS, vulnerability scanners, and Endpoint Detection and Response (EDR). Proficiency in cloud security configurations, IAM, CIS Benchmarks or STIGs, log management, encryption, and network security. Experience conducting risk assessments, security audits, and incident response. Familiarity with Zero Trust Architecture and modern cybersecurity best practices. Familiarity with web applications security. Familiarity with penetration testing and common OWASP top 10 vulnerabilities. Strong analytical and problem-solving skills. Attention to detail with regard to assessment review and reporting. Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders. Preferred Qualifications
Relevant certifications such as CISSP, CISM, CCSP, CEH, or AWS/Azure Security Certifications. Experience with container security (Kubernetes, Docker) and DevSecOps practices. Knowledge of scripting and automation using Python, PowerShell, or other relevant languages. Location
On-Site (Hybrid) Salary Range
The likely salary range for this position is $127,500 - $172,500. Travel Required
Less than 10% Telecommuting Options
Hybrid Company Benefits
Our benefits package includes a variety of medical plan options, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, we offer employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. About Us
We are GDIT, a global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community.
#J-18808-Ljbffr