World Wide Technology is a global technology solutions provider leading the AI and Digital Revolution. They are seeking a Cybersecurity Systems Engineer III to support installation, migration, and configuration activities on an Enterprise Zero Trust Program for a DoD client.
Responsibilities:
- Perform, or review, technical security assessments of computing environments to identify points of vulnerability, non-compliance with established IA standards and regulations, and recommend mitigation strategies
- Validate and verify system security requirements definitions and analysis and establish system security designs
- Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements
- Build IA into systems deployed to operational environments
- Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions
- Support the building of security architectures
- Enforce the design and implementation of trusted relations among external systems and architectures
- Assess and mitigate system security threats/risks throughout the program life cycle
- Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations
Requirements:
- 8 years of experience in areas like security analysis, security assessment, security design reviews, or threat modeling
- Ability to effectively communicate technical information both verbally and in writing
- Ability to analyze complex security issues, identify root causes, and develop solutions
- Ability to adjust to shifting priorities in accordance with mission support
- Ability to work effectively with other engineers, developers, and stakeholders
- Ability to identify and resolve issues independently, with minimal supervision
- Ability to pay close attention to detail and follow security procedures accurately
- Ability to adapt to changing security landscapes and technologies
- Ability to learn new technologies and techniques
- Current Secret clearance
- DoD 8570 IAT Level III certification
- Bachelor's degree in field like Computer Science, Information Technology, or a related field, or equivalent practical experience
- Experience in organizations that handle sensitive data or operate in mission-critical environments
- Experience with security protocols, computer and network security, and coding in at least one general purpose language (Python, Java, etc.)
- Experience with one or more observability tools (Splunk ES, Dynatrace, Grafana, AWS CloudWatch, DataDog, etc)
- Bias toward automation with experience in at least one scripting language or tool (Python, Bash, PowerShell, PowerCLI, Ansible, Chef, Puppet, etc.)
- Experience with vulnerability scanning platforms (Tenable, Remedy, Tychon, etc.)
- Experience with at least one common cyber security platform (Trellix, ForeScout, FortiNet, Crowdstrike, etc)
- Understanding of security concepts, best practices, and industry standards like NIST and ISO 27001
- Experience with SIEM (Security Information and Event Management), IDS/IPS (Intrusion Detection/Prevention Systems), firewalls, DLP (Data Loss Prevention), and other security systems
- Understanding of network protocols, firewalls, intrusion detection/prevention systems, and network security architecture
- Knowledge of operating systems, hardware, and software security, including vulnerabilities, hardening techniques, and secure coding practices
- Ability to identify and assess vulnerabilities in systems and applications, as well as perform penetration testing
- Ability to analyze logs and other data to identify security threats and incidents
- Experience in DoD STIG/RMF environments and the DoD ATO process
- Understanding of security principles involved in Zero Trust Network Architecture and tools required to implement it
- Experience with cloud infrastructure, cloud security best practices, and cloud security controls (e.g., AWS, Azure, GCP)