ClearanceJobs
4253 Senior Systems Security Engineer
ClearanceJobs, Washington, District of Columbia, us, 20022
Sr. Systems Security Engineer
We are seeking for a Sr. Systems Security Engineer to assist the customer with engineering and administration tasks. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members. General duties include: Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications. Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance. Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles. Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs. Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF). Conducting, configuring, and managing vulnerability scans. Conducting vulnerability remediations, patching, and system hardening. Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls. Support security assessments, audits, and accreditation/authorization (ATO) activities. Document security configurations, engineering solutions, and compliance evidence. Troubleshoot and resolve security-related technical issues in a timely manner. Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans. Providing Incident Response (IR) activities include triage, investigating, interviewing, resolving, and reporting on events. Promoting information security awareness across the program, ensuring security controls and processes are implemented. Presenting vulnerability analysis to system owners, and leadership. This position requires a Public Trust. Required qualifications include: 5-10 years of experience in information system engineering and configuration management. 5 years of experience in control implementation and secure system engineering or design. Excellent communication skills. Hands on experience with: Security monitoring and evaluation, including audits, assessments, and risk management SIEM tools (e.g., Splunk) Vulnerability Scanning tools (e.g., Tenable, Nessus) EDR tools (e.g., Crowdstrike) Web App Scanning tools (e.g., Burpsuite, Acunetix) Active Directory SANs VMWare Networking Devices Expertise in batch, bash, and/or PowerShell scripting Able to deliver and present security compliance to a wide range of audiences (i.e., system owners, division leadership). Experience configuring and operating enterprise storage across networks (SAN) Server visualization - design solutions and configuration (VMWare, VSphere, Hyper-V, etc) Experience with: Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases Agile Methodologies GRC Tools (e.g., CSAM) Strong desire to learn, grow and is highly motivated. Certifications: OS specific certifications, Security + Desired qualifications include: Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP Understanding of servers and security tools Education: Bachelor's degree in Engineering, Computer Science, or Information Systems Certifications: CompTIA Server+, Cloud certifications (AWS, Azure, Google), Network+, CCNA, RHCSA, Azure (AZ-104, AZ-204, AZ-500, AZ-305), AWS Solutions Architect Clearance: US Citizenship required
We are seeking for a Sr. Systems Security Engineer to assist the customer with engineering and administration tasks. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members. General duties include: Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications. Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance. Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles. Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs. Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF). Conducting, configuring, and managing vulnerability scans. Conducting vulnerability remediations, patching, and system hardening. Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls. Support security assessments, audits, and accreditation/authorization (ATO) activities. Document security configurations, engineering solutions, and compliance evidence. Troubleshoot and resolve security-related technical issues in a timely manner. Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans. Providing Incident Response (IR) activities include triage, investigating, interviewing, resolving, and reporting on events. Promoting information security awareness across the program, ensuring security controls and processes are implemented. Presenting vulnerability analysis to system owners, and leadership. This position requires a Public Trust. Required qualifications include: 5-10 years of experience in information system engineering and configuration management. 5 years of experience in control implementation and secure system engineering or design. Excellent communication skills. Hands on experience with: Security monitoring and evaluation, including audits, assessments, and risk management SIEM tools (e.g., Splunk) Vulnerability Scanning tools (e.g., Tenable, Nessus) EDR tools (e.g., Crowdstrike) Web App Scanning tools (e.g., Burpsuite, Acunetix) Active Directory SANs VMWare Networking Devices Expertise in batch, bash, and/or PowerShell scripting Able to deliver and present security compliance to a wide range of audiences (i.e., system owners, division leadership). Experience configuring and operating enterprise storage across networks (SAN) Server visualization - design solutions and configuration (VMWare, VSphere, Hyper-V, etc) Experience with: Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases Agile Methodologies GRC Tools (e.g., CSAM) Strong desire to learn, grow and is highly motivated. Certifications: OS specific certifications, Security + Desired qualifications include: Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP Understanding of servers and security tools Education: Bachelor's degree in Engineering, Computer Science, or Information Systems Certifications: CompTIA Server+, Cloud certifications (AWS, Azure, Google), Network+, CCNA, RHCSA, Azure (AZ-104, AZ-204, AZ-500, AZ-305), AWS Solutions Architect Clearance: US Citizenship required