Metronome, LLC
Sr. Security Engineer
Metronome, LLC, Arlington, Virginia, United States, 22201
Metronome LLC has an immediate need for a Senior Security Engineer for a new customer on a highly visible and strategic Cybersecurity Task Order. The Senior Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to coordinate multiple, concurrent tasks in an effective manner. This individual will work with internal team members to ensure that systems are functional, secure, and scalable. The Security Engineer will support the design and development of cybersecurity tools and technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide systems and networks.Primary Responsibilities:
Manage multiple assignments, changing priorities, and work independently with little oversight.Tackle large security projects, both of a technical and compliance nature. The senior engineer is expected to tackle difficult technical issues and changes with minimal oversight.Support all processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchases.Work closely with senior engineers, other team members, and application owners to solve technical problems at the network, system, and application levels.Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.Documentation, Visio Diagrams, reporting, along with presentation, teamwork, and collaboration are among the expected duties.Resolve Linux system errors and crashes, disk space problems, huge file system, and full disk errors.Experience in backend solutions, day-to-day system admin and monitoring, file system management, and creation of shell scripts for task automation and log extraction.Hardware and software installations, upgrades, maintenance, security analysis, and network performance tuning of Windows and Linux servers in a virtual infrastructure.Define system security and design requirements to meet FISMA and FedRAMP compliance standards.Maintain a current working knowledge of IT development methodology, architecture design, security best practices, and technical standards.Communicate with other technical leads, IT groups, and customer representatives to ensure understanding of all aspects of proposed changes/solutions.Provide follow-up reports for Root Cause analysis, engineering technical assessment, and process improvement initiatives.Communicate security vulnerability reports and trends to ensure appropriate corrective action is taken.Develop, implement, communicate, and enforce security policies and/or processes for data, software applications, and cloud infrastructure.Superior attention to detail with excellent written and verbal communication, problem-solving, researching, and follow-up skills.Evaluate the impacts of change requests on own/shared technologies and effectively persuade and influence others on ideas.Understanding network security (firewalls and IDS) design and implementation.Minimum Qualifications:
BS degree in Science, Technology, Engineering or related field and 8-10 years of prior relevant experience with a focus on cybersecurity OR Masters with 10 years of prior relevant experience.Experience installing, configuring, securing, and troubleshooting Microsoft Windows Server and Red Hat Enterprise Linux or similar distributions.Extensive automation experience with PowerShell and Shell Scripting for automating repeatable tasks and installations.Extensive knowledge of server operations and maintenance.Experience managing Active Directory (AD) and Azure Active Directory.Experience managing Active Directory Federation Services (AD FS) and single sign-on using SAML and PIV/CAC.Experience with Active Directory Group Policy management.Knowledge and experience supporting public key infrastructure (PKI).Knowledge and experience implementing and supporting Active Directory Certificate Services (AD CS) and Azure Dedicated HSM.Knowledge and experience managing keys, certificates, certificate requests, and format conversions with OpenSSL.Understanding of cloud terminology, architecture, and tools to include installing, provisioning, and monitoring.Experience installing, configuring, and maintaining tools such as Tanium, Nessus, Axonius, CrowdStrike, and CyberArk in a hybrid-cloud environment.Extensive knowledge of Ansible and Red Hat Satellite.Perform analysis of security posture by reviewing vulnerability and compliance scans and making recommendations for remediation and managing POA&Ms.Excellent problem-solving, research, and follow-up skills.Ability to obtain an Entry of Duty (EOD) Public Trust.Candidate must meet one of these certifications: CISSP, CCSP, CCNP, CCIE Security, CEH, RHCSA, RHCA, RHCE, MCSE, COMPTIA Security+, GCIH, GPEN, OSCP, OSCE, Azure Solutions Architect Expert.Additional Skills:
Experience managing Palo Alto Networks VM-Series firewalls, AWS Network Firewall, AWS Network ACLs, AWS security groups, Azure Firewall, Azure network security groups, and related network resources.Experience managing Azure Virtual Desktop service.Solid understanding of developing and leveraging CI/CD pipelines (Continuous Integration/Continuous Deployment).
#J-18808-Ljbffr
Manage multiple assignments, changing priorities, and work independently with little oversight.Tackle large security projects, both of a technical and compliance nature. The senior engineer is expected to tackle difficult technical issues and changes with minimal oversight.Support all processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchases.Work closely with senior engineers, other team members, and application owners to solve technical problems at the network, system, and application levels.Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.Documentation, Visio Diagrams, reporting, along with presentation, teamwork, and collaboration are among the expected duties.Resolve Linux system errors and crashes, disk space problems, huge file system, and full disk errors.Experience in backend solutions, day-to-day system admin and monitoring, file system management, and creation of shell scripts for task automation and log extraction.Hardware and software installations, upgrades, maintenance, security analysis, and network performance tuning of Windows and Linux servers in a virtual infrastructure.Define system security and design requirements to meet FISMA and FedRAMP compliance standards.Maintain a current working knowledge of IT development methodology, architecture design, security best practices, and technical standards.Communicate with other technical leads, IT groups, and customer representatives to ensure understanding of all aspects of proposed changes/solutions.Provide follow-up reports for Root Cause analysis, engineering technical assessment, and process improvement initiatives.Communicate security vulnerability reports and trends to ensure appropriate corrective action is taken.Develop, implement, communicate, and enforce security policies and/or processes for data, software applications, and cloud infrastructure.Superior attention to detail with excellent written and verbal communication, problem-solving, researching, and follow-up skills.Evaluate the impacts of change requests on own/shared technologies and effectively persuade and influence others on ideas.Understanding network security (firewalls and IDS) design and implementation.Minimum Qualifications:
BS degree in Science, Technology, Engineering or related field and 8-10 years of prior relevant experience with a focus on cybersecurity OR Masters with 10 years of prior relevant experience.Experience installing, configuring, securing, and troubleshooting Microsoft Windows Server and Red Hat Enterprise Linux or similar distributions.Extensive automation experience with PowerShell and Shell Scripting for automating repeatable tasks and installations.Extensive knowledge of server operations and maintenance.Experience managing Active Directory (AD) and Azure Active Directory.Experience managing Active Directory Federation Services (AD FS) and single sign-on using SAML and PIV/CAC.Experience with Active Directory Group Policy management.Knowledge and experience supporting public key infrastructure (PKI).Knowledge and experience implementing and supporting Active Directory Certificate Services (AD CS) and Azure Dedicated HSM.Knowledge and experience managing keys, certificates, certificate requests, and format conversions with OpenSSL.Understanding of cloud terminology, architecture, and tools to include installing, provisioning, and monitoring.Experience installing, configuring, and maintaining tools such as Tanium, Nessus, Axonius, CrowdStrike, and CyberArk in a hybrid-cloud environment.Extensive knowledge of Ansible and Red Hat Satellite.Perform analysis of security posture by reviewing vulnerability and compliance scans and making recommendations for remediation and managing POA&Ms.Excellent problem-solving, research, and follow-up skills.Ability to obtain an Entry of Duty (EOD) Public Trust.Candidate must meet one of these certifications: CISSP, CCSP, CCNP, CCIE Security, CEH, RHCSA, RHCA, RHCE, MCSE, COMPTIA Security+, GCIH, GPEN, OSCP, OSCE, Azure Solutions Architect Expert.Additional Skills:
Experience managing Palo Alto Networks VM-Series firewalls, AWS Network Firewall, AWS Network ACLs, AWS security groups, Azure Firewall, Azure network security groups, and related network resources.Experience managing Azure Virtual Desktop service.Solid understanding of developing and leveraging CI/CD pipelines (Continuous Integration/Continuous Deployment).
#J-18808-Ljbffr