Return To Job Search
Sr. Cyber Security Engineer and Architect
District of Columbia
Washington-Arlington-Alexandria Metro Area
Infrastructure Services
Security Administrator/Engineer
JN -022018-20880

Sr. Cyber Security Engineer and Architect

Crescent Solutions is currently looking for a highly experienced Sr. Cyber Security Engineer and Architect for a global corporation.  This position requires a person highly motivated, self-driven individual seeking the highest standards in preventing, protecting and educating the company against cyber security threats. The ideal candidate will have a minimum of 10 years of hands on experience with a high focus on the following:
• Preventative Ethical Hacking,
• Forensic Investigation,
• Penetration Testing
• Remediation 
• Experience in writing policies and procedure
• Experience with scripting and coding languages
• Software reviews
• Ability to lead
• Excellent communication skills
 
Candidates applying for this position should have strong familiarity with or certifications in several of the following:
• CEH v.9 / 10
• OWASP
• CND
• Cast 611
• CAST 612
• CAST 613
• CISSP
 
Candidates will be pre-screened to verify their technically abilities and hands on experience.  They should be prepared not only to discuss their training and certifications but, also give in-depth examples of where they have used their knowledge and training.  Candidates should be able to give real world examples of how they have been hands in their roles utilizing skills and training. Real world hands on experience is paramount for this role.  The client is looking for doers as well as leadership skills.  This role is both a strategic thinking and hands-on execution that will provide the right candidate an exciting opportunity to leverage and grow technical, process and leadership skills in an exciting area of the company.
Description:

  • Foster a security-centric and consultative relationship with the business and other IT teams
  • Review existing security architecture, identifies design gaps, and recommends security enhancements
  • Conduct risk assessments, including vendor risk
  • Stay abreast of current and emerging security threats and designs security architecture to mitigate them
  • Stay abreast of emerging security technologies and integrates them into security architecture as needed
  • Review, maintain and administer security policies, procedures, and other documentation
  • Provide consultation, architecture to project teams on security best practices and security design requirements
  • Develop and maintain cybersecurity standards to meet compliance requirements and to ensure effective management of cyber risks
  • Develop and provide strategic blueprints and roadmaps on cybersecurity capabilities to solutions architects
  • Represent department in Enterprise initiatives and planning; and assist with technology strategic roadmap development while ensuring cybersecurity capabilities & technical controls are incorporated
  • Develop and maintain cybersecurity standards to meet compliance requirements and to ensure effective management of cyber risks
  • Develop and provide strategic blueprints and roadmaps on cybersecurity capabilities to solutions architects
  • Represent department in Enterprise initiatives and planning; and assist with technology strategic roadmap development while ensuring cybersecurity capabilities & technical controls are incorporated
  • Design, implement, and manage security practices and solutions for servers, infrastructure, workstations, mobile devices, and industrial control systems, perimeter defense, and other common enterprise technologies
  • Manage and respond to security related incidents and investigations for all company sites
  • Perform vulnerability scans and ensure appropriate remediation activities are fulfilled
  • Develop and deliver security training across the company
  • Experience in threat modeling and risk identification
  • Experience in security vulnerability assessments and remediation techniques
  • Perform other security functions or tasks as directed
 
Qualifications:
  • Bachelor’s Degree in Computer Science or in “STEM” Majors (Science, Technology, Engineering and Math)
  • 10+ years’ experience in Information Technology
  • 8+ years’ experience in Cyber Security engineering and support
  • 5+ years’ experience in cloud governance and architecture
 
Eligibility Requirements:
  • Legal authorization to work in the U.S. is required.
  • Must be willing to travel domestic & international
  • Must be willing to work out of an office located in Northern Virginia, DC Area
 
Technical Expertise:
  • Minimum of 5 years of experience with detection technologies (e.g. Snort, Suricata, Bro, netsniff)
  • Minimum of 4 years of experience with scripting languages (e.g. Ruby, Python, Perl, and Powershell)
  • Minimum of 2 years of experience with cloud technologies (e.g. AWS, Azure, OpenStack)
  • Minimum of 1 year of experience with secure development life-cycles
  • Minimum of 1 year of experience with identity management and authentication
  • 5-7 years of experience administering Windows and Unix-like operating systems (e.g. Linux, OSX)
  • 5-7 years’ experience administering orchestration tools such as Puppet, SALTStack, Chef, or Ansible
  • Experience in computer security incident response, including forensic investigations and chain of custody
  • Experience with CheckPoint (R80) and Cisco ASA firewalls.
  • Experience with Cisco AMP and Cisco Email Security Appliances
  • Experience with multifactor authentication mechanisms
  • Experience with the Cisco networking technology stack, including VPN
  • Experience in Enterprise logging, log analysis and correlation engines
  • Nice to have familiarity with industrial control systems Cyber Security norms and standards (IEC62443, NERC-CIP, ANSSI, ISO 27k…)
  • Prior experience working within an Agile framework (Scrum/Kanban)
  • One or more Security Certifications or equivalent (CISSP, etc.)
  • One or more Platform Certifications or equivalent (RHCE, LFCE, etc.)
  • Knowledge of CI/CD and automation tools (Chef, Git, Jenkins)
  • Experience in securing cloud infrastructure such as AWS, Azure and alike (i.e., inspection, logging, WAF, VM)
  • Experience in deployment of cloud controls for infrastructure, platform, and applications (IaaS/SaaS/PaaS), specifically within AWS, Azure and GCP
  • Familiarity with data analytics and machine learning principles and techniques
  • Knowledge of SIEM API integration techniques

Previous MonthNext Month
SunMonTueWedThuFriSat