Tria Federal delivers digital services and technology solutions that support the health and safety of veterans, service members and civilians. They are seeking a Senior Security Engineer to support the transition and maintenance of required federal program security documentation and security processes, focusing on security operations and vulnerability monitoring.
Responsibilities:
- Engineer, implement, and monitor security measures for the protection of computer systems, networks, and information
- Identify and define system security requirements
- Design computer security architecture and develop detailed cyber security designs
- Prepare and document standard operating procedures and protocols
- Configure and troubleshoot security infrastructure devices
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Ensure that the company knows as much as possible, as quickly as possible about security incidents
- Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement
- Video documentation of Proof of Concept or Vulnerability Exploitation
- Maintain ATOs and all security documentation, including, but not limited to: SSP, CP, ISRA, TableTop Exercises, and PIA
- Manage Splunk, AppOmni, and AWS integrations to completion
Requirements:
- Ability to obtain a U.S. Federal Position of Trust clearance designation
- Must reside in and be able to perform work in the United States
- Must have lived in the United States for 3 of the last 5 years
- Bachelor's degree in cybersecurity, computer science, engineering, technology, data science, statistics, analytics, or related quantitative and software development field
- Candidate in the DMV area will be required to travel to our Baltimore office (Woodlawn MD) once a week (Tuesday)
- Proven work experience as a system security engineer or information security engineer
- Thorough knowledge of NIST 800-53 controls, ATO processes, and FedRAMP systems
- Required to maintain ATO for systems and perform during annual Adaptive Capabilities Testing (ACT)
- Thorough understanding of the latest security principles, techniques, and protocols
- Experience with Kali, Linux, and Windows Operating Systems
- Knowledge of static and dynamic code testing
- Experience in building and maintaining security systems
- Detailed technical knowledge of database and operating system security
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc
- Experience with network security and networking technologies and with system, security, and network monitoring tools
- Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
- Problem solving skills and ability to work under pressure in a fast-paced environment
- Familiarity with Cloud Computing Platforms (AWS, Azure, Google)
- Proficiency with Nessus, Burp Suite, ZAP, and OWASP
- Writing scripts with Python, Bash, and PowerShell
- Experience with Splunk, AppOmni, and AWS
- Strong analytical, troubleshooting, and problem-solving skills
- Excellent written and verbal communication skills
- Must show appetite for active learning, embracing change and mentoring others in organization
- CISSP
- AWS Security Certification
- Certified Authorization Professional (CAP)
- Certified Ethical Hacker (CEH)
- Certified Network Defense Architect (CNDA)