Principal Cyber Security Engineer

Two Six Technologies is growing and we are seeking a Principal Cybersecurity Engineer to join our Corporate team. As the Principal Cybersecurity Engineer you will analyze, plan, implement, maintain, troubleshoot and enhance large complex systems and networks.   Ideally, you would possess a wide range of security experience as well as expert knowledge of the NIST 800 series 800-53, 171) and CMMC 2.0 compliance in a Federal Government Contracting environment. 

What you will do:

• Architect, design, implement, maintain and operate information system security controls and countermeasures; supervise and train operators in the administration of these systems; document the operation, use, and expected outputs of these systems.
• Work directly with team leads, developers and operations personnel both on policy and technical implementation of technologies.
• Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and provides oversight to ensure compliance.
• Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to IT or executive management.
• Oversees the response to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; engages, interacts and coordinates with third-party incident responders, including law enforcement.
• Oversees the administration of authentication and access controls, including security/access roles, and access permissions to information assets.
• Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes mitigation of risk; oversees risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments.
• Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information security management frameworks such as NIST 800-171 and CMMC 2.0.
• Oversees the development and administration of information security training and awareness programs.

What you will need:

• Bachelor's Degree in Computer Science, Information Technology (IT), or a related discipline, or equivalent combination of education and work experience
• 8+ years of solid, diverse experience in Cyber Security Engineering and Incident Response
• 2 + years in people management/leadership experience
• Ability to lead, motivate and direct team members; and strong performance management skills to include coaching, goal setting, holding team members across multiple levels accountable
• Ability to demonstrate analytical skills, technical knowledge, and practical application of cyber and information security principles from technical teams to senior executives
• Knowledge of enterprise security solutions (Endpoint Detection and Response, Security information and Event Management, IT services management and Cloud, etc.) 
• Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions
• Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• Knowledge of an organization's information classification program and procedures for information compromise
• Proven experience in an information assurance, IT Risk and Compliance, information security, IT & Security audit, collaborating with external auditors (3PAOs) or other similar IT role involving IT security and compliance
• High level of proficiency in supporting a variety of NIST 800-171 & CMMC functions, including: client environment as-is assessments, Plan of Action & Milestones (POAM) identification & documentation, non-compliance remediation and recommendations, policy and procedure creation, and separation of duties.
• US Citizenship with the ability to obtain a government security clearance

What we would like:

• CISSP Certification
• Direct experience in network security (SOC, SIRT, CSIRT) investigating targeted intrusions through complex network segments
• Experience working as a part of a Third Party Assessment Organization (3PAO)
• Linux and scripting languages experience
• Demonstrated skill of identifying, capturing, containing, and reporting malware
• Experience with Cloud Computing Technologies (AWS, GCP, Azure)
• AWS Certification
• Experience administering additional security tools such as VPN, Sumo Logic, Qualys, and Automox
• Active TS clearance