Sr. Security Engineer

Metronome LLC has an immediate need for a Senior Security Engineer for a new customer on a highly visible and strategic Cybersecurity Task Order. The Senior Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment, and the ability to coordinate multiple, concurrent tasks in an effective manner. This individual will work with internal team members to ensure that systems are functional, secure, and scalable. The Security Engineer will support the design and development of cybersecurity tools and technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide systems and networks.Primary Responsibilities:Manage multiple assignments, changing priorities, and work independently with little oversightTackles large security projects, both of a technical and compliance nature. The senior engineer is expected to tackle difficult technical issues and changes with minimal oversightSupport all support, guidance and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the sameWork closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levelsConduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as requiredDocumentation, Visio Diagrams and reporting along with presentation, teamwork and DHS wide collaboration are among the expected duties and mission of the task orderResolve Linux system errors and crashes, disk space problems, huge file system and full disk errorsExperience in backend solution, day to day system admin and monitoring, file system management and disk management and creation of shell scripts for the automation of tasks and the extraction of logsHardware and software installations, upgrades, maintenance, security analysis and network performance and tuning of Windows and Linux servers in a virtual infrastructureDefine system security & design requirements to meet FISMA and FedRAMP compliance standardsMaintain a current working knowledge of IT development methodology, architecture design, security best practices, and technical standardsCommunicate with other technical leads, IT groups, and customer reps so they understand all aspects of proposed changes/solutionsProvide follow-up reports (technical findings, feedback, resolution steps taken) for Root Cause analysis, engineering technical assessment and process improvement initiativesCommunicate security vulnerability reports and trends to ensure appropriate corrective action is takenDevelop, implement, communicate, and enforce security policies and/or processes for data, software applications, and cloud infrastructureSuperior attention to detail with excellent written and verbal communication, problem solving, researching and follow-up skillsCommunicates with other technical leads, IT groups, and clients so they understand the project's technical implications, dependencies, and potential conflicts. Evaluates the impacts of change requests on own/shared technologies and effectively persuades and influences others on ideasUnderstanding network security (firewalls and IDS) design and implementationBS degree in Science, Technology, Engineering or related field and 8-10 years of prior relevant experience with a focus on cybersecurity OR Masters with 10 years of prior relevant experience.Experience installing, configuring, securing, and troubleshooting Microsoft Windows Server and Red Hat Enterprise Linux or similar Linux distributionsExtensive automation experience with PowerShell and Shell Scripting for automating repeatable tasks and installationsExtensive knowledge of server operations and maintenanceExperience managing Active Directory (AD) and Azure Active DirectoryExperience managing Active Directory Federation Services (AD FS) and single sign-on using SAML and PIV/CACExperience with Active Directory Group Policy managementKnowledge and experience supporting public key infrastructure (PKI)Knowledge and experience implementing and supporting Active Directory Certificate Services (AD CS) and Azure Dedicated HSMKnowledge and experience managing keys, certificates, certificate requests, and format conversions with OpenSSLUnderstanding of cloud terminology, architecture, and tools to include installing, provisioning and monitoringExperience installing, configuring, and maintaining tools such as Tanium, Nessus, Axonius, CrowdStrike, and CyberArk in a hybrid-cloud environmentExtensive knowledge of Ansible and Red Hat SatellitePerform analysis of security posture by reviewing vulnerability and compliance scans and making recommendations for remediations and managing POA&MsExcellent problem solving, research, and follow-up skillsAbility to obtain an Entry of Duty (EOD) Public TrustCandidate must, at a minimum, meet one of these certifications: CISSP, CCSP, CCNP, CCIE Security, CEH, RHCSA, RHCA, RHCE, MCSE, COMPTIA Security+, GCIH, GPEN, OSCP, OSCE, Azure Solutions Architect ExpertExperience managing Palo Alto Networks VM-Series firewalls, AWS Network Firewall, AWS Network ACLs, AWS security groups, Azure Firewall, Azure network security groups, and related network resourcesExperience managing Azure Virtual Desktop serviceSolid understanding of developing and leveraging CI/CD pipelines (Continuous Integration/Continuous Deployment)