Veterans Staffing
Security Engineer
Reporting to the Director of Information Security, the Security Engineer is a hands-on security professional, responsible for ensuring security in the SDLC, implementation, and operational maintenance of Information Security controls and countermeasures. Performs security functions including IAM, vulnerability scanning, light pen testing, daily review of security reports and security systems. Generates internal threat intelligence to feed back into the security stack. Monitors compliance with the organization's information security policies and procedures and refers problems as appropriate. Monitors internal control systems to ensure that appropriate information access levels are maintained. Defines systems security requirements and participates in design architecture discussions. Develops security countermeasures to detect malicious activity and creates operational and compliance dashboards & reporting. Supports incident response infrastructure & cyber intelligence platform. Initiates, facilitates, and promotes activities such as security awareness training to foster information security awareness within the organization. Reviews system-related information security plans throughout the organization's network and acts as a liaison to the Information Systems Department. Ability to work independently on goals and direction provided by the Manager of Information Security, and/or Director of Information Security. Ability to lead project level initiatives. Maintains deep understanding of information technology networking and infrastructure, particularly as they pertain to network and cyber security. Develops written security process and procedures for systems and software within area of expertise to ensure consistent security policy implementation. Performs mitigation and or remediation on vulnerabilities to an acceptable compliance level. Performs annual reviews of documentation to meet requirements. Builds and maintains positive IS team partnerships. Works closely with enterprise IT, Delivery, and other functional area specialists to ensure adequate security solutions are engineered in cloud environments to mitigate risk, meet business objectives, and regulatory requirements. Serves as a cloud security consultant to help project teams comply with enterprise and IT security policies, industry regulations, and best practices. Implements and operates cloud security technologies to include preventative, detective, and compliance controls. Ability to help lead and direct team in daily job assignments. Mentors of junior staff. Essential Duties And Responsibilities:
Provide oversight and assess security controls for IaaS, PaaS, and SaaS services while collaborating with system integrators and the client's teams to deliver reliable and scalable security capabilities. Oversee and lead the implementation of security solutions; develop technical and reference architectures throughout the project duration. Perform as a subject matter expert on IAM and Cloud technologies, recommendations on security infrastructure and raise security risks in a timely manner. Develop security requirements for complex internet-facing applications and associated infrastructure components. Assess and review end-to-end secure integrations, including web services and APIs. Work closely with the information system, security teams and third-party system integrators on security engineering-related issues, resolving challenges without affecting project delivery timelines. Monitor information systems for security incidents and vulnerabilities; develop monitoring and visibility capabilities; and report on incidents, vulnerabilities, and trends. Analyze trends, news, advisories, and changes in threats, and conduct security assessments with risk mitigation plans. Review vulnerability management reports and follow up with technical stakeholders on remediation efforts. Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interact and coordinate with incident responders. Ability to work under pressure in a fast-paced environment. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Experience with Healthcare security requirements, such as ISO, HITRUST, NIST along with PCI. Adheres to policies, procedures, guidelines relative to departmental operations. Minimum Requirements:
Bachelor's /Master's degree from an accredited college/university or equivalent work experience. 6 - 8 years' experience as an Information Security Analyst/Engineer with system design and security engineering experience implementing a wide range of security solutions both in cloud and on-prem. Knowledge of security engineering to ensure security solutions development aligns with the defined architecture strategies. Professional certifications in security; Security +, CEH, CCSP, CISSP. Strong understanding of secure design and reviews, identity and access management. Extensive hands-on knowledge of IAM best practices, procedures, and software solutions. Comprehensive knowledge and experience with authentication standards & technologies, such as single sign-on (SSO), two-factor authentication, privileged access management. Excellent communication, presentation, and documentation skills. Experience with Requirement Analysis & Technical Troubleshooting. Experience with System & Technology Integration. Ability to work comfortably under pressure and deliver on tight deadlines. Ability to analyze data and information with a detailed understanding of regulatory requirements (HIPAA), as well as security frameworks (NIST CSF) and IAM methodologies. Ability to maintain the highest standards of confidentiality, integrity, and personal accountability when working with sensitive & restricted data. Proven experience in overseeing the direction, development, and implementation of software solutions. Strong knowledge of system and software quality assurance best practices and methodologies. Excellent written and oral communication skills; comfortable speaking in front of small to medium sized groups. Excellent listening and interpersonal skills. Ability to communicate ideas in both technical and user-friendly language. Highly self-motivated and keen attention to detail. Ability to effectively prioritize and execute tasks in a high-pressure environment. Experience working in a team-oriented, collaborative environment. Mentor and/or provide guidance to other members of the security team. Computer proficiency including Microsoft Office Suite (Word, Excel, Teams, etc.) Additional Skills & Qualifications Information Security Engineer:
12-month contract to hire 2 days on-site in Columbia, MD Windows Infrastructure and Systems Security: M365 Compliance and Governance; Cisco Network Security: Palo Alto firewalls; Okta IAM Security This person could grow into a Security Architect role Cloud Governance o Azure, O365 IAM
Okta implementation Entra ID Vulnerability Management DLP Pay And Benefits:
The pay range for this position is $70.00 - $75.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: Medical, dental & vision Critical Illness, Accident, and Hospital 401(k) Retirement Plan
Pre-tax and Roth post-tax contributions available Life Insurance (Voluntary Life & AD&D for the employee and dependents) Short and long-term disability Health Spending Account (HSA) Transportation benefits Employee Assistance Program Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type:
This is a hybrid position in Columbia, MD. Application Deadline: This position is anticipated to close on Aug 19, 2025.
Reporting to the Director of Information Security, the Security Engineer is a hands-on security professional, responsible for ensuring security in the SDLC, implementation, and operational maintenance of Information Security controls and countermeasures. Performs security functions including IAM, vulnerability scanning, light pen testing, daily review of security reports and security systems. Generates internal threat intelligence to feed back into the security stack. Monitors compliance with the organization's information security policies and procedures and refers problems as appropriate. Monitors internal control systems to ensure that appropriate information access levels are maintained. Defines systems security requirements and participates in design architecture discussions. Develops security countermeasures to detect malicious activity and creates operational and compliance dashboards & reporting. Supports incident response infrastructure & cyber intelligence platform. Initiates, facilitates, and promotes activities such as security awareness training to foster information security awareness within the organization. Reviews system-related information security plans throughout the organization's network and acts as a liaison to the Information Systems Department. Ability to work independently on goals and direction provided by the Manager of Information Security, and/or Director of Information Security. Ability to lead project level initiatives. Maintains deep understanding of information technology networking and infrastructure, particularly as they pertain to network and cyber security. Develops written security process and procedures for systems and software within area of expertise to ensure consistent security policy implementation. Performs mitigation and or remediation on vulnerabilities to an acceptable compliance level. Performs annual reviews of documentation to meet requirements. Builds and maintains positive IS team partnerships. Works closely with enterprise IT, Delivery, and other functional area specialists to ensure adequate security solutions are engineered in cloud environments to mitigate risk, meet business objectives, and regulatory requirements. Serves as a cloud security consultant to help project teams comply with enterprise and IT security policies, industry regulations, and best practices. Implements and operates cloud security technologies to include preventative, detective, and compliance controls. Ability to help lead and direct team in daily job assignments. Mentors of junior staff. Essential Duties And Responsibilities:
Provide oversight and assess security controls for IaaS, PaaS, and SaaS services while collaborating with system integrators and the client's teams to deliver reliable and scalable security capabilities. Oversee and lead the implementation of security solutions; develop technical and reference architectures throughout the project duration. Perform as a subject matter expert on IAM and Cloud technologies, recommendations on security infrastructure and raise security risks in a timely manner. Develop security requirements for complex internet-facing applications and associated infrastructure components. Assess and review end-to-end secure integrations, including web services and APIs. Work closely with the information system, security teams and third-party system integrators on security engineering-related issues, resolving challenges without affecting project delivery timelines. Monitor information systems for security incidents and vulnerabilities; develop monitoring and visibility capabilities; and report on incidents, vulnerabilities, and trends. Analyze trends, news, advisories, and changes in threats, and conduct security assessments with risk mitigation plans. Review vulnerability management reports and follow up with technical stakeholders on remediation efforts. Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interact and coordinate with incident responders. Ability to work under pressure in a fast-paced environment. Strong attention to detail with an analytical mind and outstanding problem-solving skills. Experience with Healthcare security requirements, such as ISO, HITRUST, NIST along with PCI. Adheres to policies, procedures, guidelines relative to departmental operations. Minimum Requirements:
Bachelor's /Master's degree from an accredited college/university or equivalent work experience. 6 - 8 years' experience as an Information Security Analyst/Engineer with system design and security engineering experience implementing a wide range of security solutions both in cloud and on-prem. Knowledge of security engineering to ensure security solutions development aligns with the defined architecture strategies. Professional certifications in security; Security +, CEH, CCSP, CISSP. Strong understanding of secure design and reviews, identity and access management. Extensive hands-on knowledge of IAM best practices, procedures, and software solutions. Comprehensive knowledge and experience with authentication standards & technologies, such as single sign-on (SSO), two-factor authentication, privileged access management. Excellent communication, presentation, and documentation skills. Experience with Requirement Analysis & Technical Troubleshooting. Experience with System & Technology Integration. Ability to work comfortably under pressure and deliver on tight deadlines. Ability to analyze data and information with a detailed understanding of regulatory requirements (HIPAA), as well as security frameworks (NIST CSF) and IAM methodologies. Ability to maintain the highest standards of confidentiality, integrity, and personal accountability when working with sensitive & restricted data. Proven experience in overseeing the direction, development, and implementation of software solutions. Strong knowledge of system and software quality assurance best practices and methodologies. Excellent written and oral communication skills; comfortable speaking in front of small to medium sized groups. Excellent listening and interpersonal skills. Ability to communicate ideas in both technical and user-friendly language. Highly self-motivated and keen attention to detail. Ability to effectively prioritize and execute tasks in a high-pressure environment. Experience working in a team-oriented, collaborative environment. Mentor and/or provide guidance to other members of the security team. Computer proficiency including Microsoft Office Suite (Word, Excel, Teams, etc.) Additional Skills & Qualifications Information Security Engineer:
12-month contract to hire 2 days on-site in Columbia, MD Windows Infrastructure and Systems Security: M365 Compliance and Governance; Cisco Network Security: Palo Alto firewalls; Okta IAM Security This person could grow into a Security Architect role Cloud Governance o Azure, O365 IAM
Okta implementation Entra ID Vulnerability Management DLP Pay And Benefits:
The pay range for this position is $70.00 - $75.00/hr. Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: Medical, dental & vision Critical Illness, Accident, and Hospital 401(k) Retirement Plan
Pre-tax and Roth post-tax contributions available Life Insurance (Voluntary Life & AD&D for the employee and dependents) Short and long-term disability Health Spending Account (HSA) Transportation benefits Employee Assistance Program Time Off/Leave (PTO, Vacation or Sick Leave) Workplace Type:
This is a hybrid position in Columbia, MD. Application Deadline: This position is anticipated to close on Aug 19, 2025.