Baseline Security Engineer

At phia, we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.

phia is seeking a solutions-oriented Baseline Security Engineer supporting a federal customer. This job is located in Washington DC with remote capability at the discretion of the customer. Preferred candidates will live within a commutable distance to this location, but not a showstopper if outside a commutable distance.

What You'll Do

• Develop and implement security solutions in alignment with security strategy.
• Maintain an awareness of market and technology trends to bring best of breed solutions to the client.
• Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts.
• Work on unusually complex problems and provide highly innovative solutions.
• Operate with substantial latitude for unreviewed action or decision and mentor or supervise employees in both firm and technical competencies.
• Work closely with government stakeholders in understanding the vision and direction of the information technology program and decompose this architecture and associated use cases into discrete components that can be addressed from a cybersecurity engineering standpoint.
• Understand proposed and in-place architectures at a level that enables the identification and understanding of possible security risks and propose solutions for risk mitigation.

Requirements

Education + Experience

• Experience in working with the NIST 800 Special Publication series guidance for risk management and security control implementation, including 800-30,800-37, 800-53, 800-60, 800-63, 800-115, or 800-137
• Experience with reviewing, developing, or customizing general security configuration baselines
• Knowledge of the National Vulnerability Database (NVD) and Common Vulnerability Enumeration (CVE)
• Ability to translate the low-level security baseline requirements into high-level FISMA and NIST requirements and client-specific security

Desired

• Experience with networking, including CISCO, Juniper, or Palo Alto, operating systems, including Windows Server, Redhat, or Linux, cloud services, including AWS, Azure, Salesforce, Okta, O365, or ServiceNow, or Mobile Technologies, including iOS or Xen Mobile
• Experience with designing, building, and implementing automation tools, including Ansible, Chef, or Puppet
• Experience with Infrastructure as Code tools, including Cloud Formations or Terraform
• Experience with container platforms, including OpenShift
• Experience with chaos engineering and blue or green deployments
• Experience with Serverless, including Lambda, API Gateway, Step Functions, and SAM
• Experience with application performance analysis and monitoring, including ELK
• Experience with an Agile release methodology
• AWS Certified Solutions Architect or Developer Certification
• Bachelor's degree in an IT related field preferred

Required Certifications

• CCNA, MSCE, RHCSA, EBSA or ECSS Certification

Security Clearance

• U.S. Citizenship required
• Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Public Trust determination is required

Who You Are

• A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.
• Intellectually curious with a genuine desire to learn and advance your career.
• An effective communicator, both verbally and in writing.
• Customer service oriented and mission focused.
• Critical thinker with excellent problem-solving skills.

If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.

IMPORTANT: This position may be subject to Executive Order 14042 and the Safer Federal Workforce Task Force Guidance requiring covered employees to be fully vaccinated against COVID-19, which the Federal Government is not enforcing at this time.

Benefits

Who We Are

phia LLC ("phia") is a Northern Virginia based, 8a certified small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.

phia values work-life balance and offers the following benefits to full-time employees:

• Comprehensive medical insurance to include dental and vision
• Short Term & Long-Term Disability
• 401k Retirement Savings Plan with Company Match
• Tuition and Professional Development Assistance
• Flex Spending Accounts (FSA)

phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.