Baseline Security Engineer
Washington, District of Columbia, United States
phia LLC
At phia, trust us to solve the complex challenges of our connected world through top-tier cyber intelligence & threat hunting. Contact us.At phia, we hire talented and passionate people who are focused on collaborative, meaningful work, providing technical and operational subject matter expertise and support services to our partners and clients.
phia is seeking a solutions-oriented Baseline Security Engineer supporting a federal customer. This job is located in Washington DC with remote capability at the discretion of the customer. Preferred candidates will live within a commutable distance to this location, but not a showstopper if outside a commutable distance.
What You'll Do
- Develop and implement security solutions in alignment with security strategy.
- Maintain an awareness of market and technology trends to bring best of breed solutions to the client.
- Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts.
- Work on unusually complex problems and provide highly innovative solutions.
- Operate with substantial latitude for unreviewed action or decision and mentor or supervise employees in both firm and technical competencies.
- Work closely with government stakeholders in understanding the vision and direction of the information technology program and decompose this architecture and associated use cases into discrete components that can be addressed from a cybersecurity engineering standpoint.
- Understand proposed and in-place architectures at a level that enables the identification and understanding of possible security risks and propose solutions for risk mitigation.
Requirements
Education + Experience
- Experience in working with the NIST 800 Special Publication series guidance for risk management and security control implementation, including 800-30,800-37, 800-53, 800-60, 800-63, 800-115, or 800-137
- Experience with reviewing, developing, or customizing general security configuration baselines
- Knowledge of the National Vulnerability Database (NVD) and Common Vulnerability Enumeration (CVE)
- Ability to translate the low-level security baseline requirements into high-level FISMA and NIST requirements and client-specific security
Desired
- Experience with networking, including CISCO, Juniper, or Palo Alto, operating systems, including Windows Server, Redhat, or Linux, cloud services, including AWS, Azure, Salesforce, Okta, O365, or ServiceNow, or Mobile Technologies, including iOS or Xen Mobile
- Experience with designing, building, and implementing automation tools, including Ansible, Chef, or Puppet
- Experience with Infrastructure as Code tools, including Cloud Formations or Terraform
- Experience with container platforms, including OpenShift
- Experience with chaos engineering and blue or green deployments
- Experience with Serverless, including Lambda, API Gateway, Step Functions, and SAM
- Experience with application performance analysis and monitoring, including ELK
- Experience with an Agile release methodology
- AWS Certified Solutions Architect or Developer Certification
- Bachelor's degree in an IT related field preferred
Required Certifications
- CCNA, MSCE, RHCSA, EBSA or ECSS Certification
Security Clearance
- U.S. Citizenship required
- Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Public Trust determination is required
Who You Are
- A proactive problem solver that appreciates the challenges of working in a fast-paced, dynamic environment.
- Intellectually curious with a genuine desire to learn and advance your career.
- An effective communicator, both verbally and in writing.
- Customer service oriented and mission focused.
- Critical thinker with excellent problem-solving skills.
If your experience and qualifications aren’t a match for this position, you will remain in our database for consideration for future opportunities that may be a better fit.
IMPORTANT: This position may be subject to Executive Order 14042 and the Safer Federal Workforce Task Force Guidance requiring covered employees to be fully vaccinated against COVID-19, which the Federal Government is not enforcing at this time.
Benefits
Who We Are
phia LLC ("phia") is a Northern Virginia based, 8a certified small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, and Information Assurance/Security. we proudly support various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.
phia values work-life balance and offers the following benefits to full-time employees:
- Comprehensive medical insurance to include dental and vision
- Short Term & Long-Term Disability
- 401k Retirement Savings Plan with Company Match
- Tuition and Professional Development Assistance
- Flex Spending Accounts (FSA)
phia does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Ansible API Gateway APIs Automation AWS Azure Clearance Cloud DoD ELK FISMA Incident response iOS Lambda Linux Monitoring NIST Okta Puppet Risk management Security Clearance Security strategy Strategy Terraform Windows
Perks/benefits: 401(k) matching Career development Health care Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs