Job Closed
This listing is no longer active.
Cyber solutions that move you forward, faster.
Senior Security Engineer – SIEM, SPLUNK
Location
United States
Posted
177 days ago
Salary
$78K - $135K / year
Seniority
Senior
Job Description
Senior Security Engineer – SIEM, SPLUNK
Coalfire
• Join a highly collaborative security operations team delivering vulnerability management services to Cloud Service Providers, and other organizations operating highly regulated environments. • Review vulnerabilities and data from various sources (e.g., penetration testing, vulnerability scanning) across different technologies and environments to assess the risk level to business assets. • Conduct recurring and on-demand OS/DB & Web scanning activities for multiple customer environments. • Build, configure, and manage vulnerability management tools within customer environments, serving as the subject matter expert for vulnerability management queries. • Assist customers with scanning their FedRamp environment, establishing standards, and managing false positives and exceptions. • Utilize customer scan data to create a Plan of Action and Milestones (POAM) for regular delivery to customers. • Communicate with internal management to provide insights into the current risk posed by vulnerabilities in customer environments and proposed remediation strategies. • This position will be the liaison between the vulnerability management team and various SRE teams and customer teams and must be able to provide technical remediation details or workarounds, help track and identify asset inventory, log work tickets and exceptions and research vulnerability findings. • Develop and maintain standard operating procedures, training documents, technical documentation, and troubleshooting guidelines for security solutions. • Configure and troubleshoot scanning devices and resolve agent & authentication issue. • Implement technical solutions to automate repetitive tasks. • Provide guidance, instruction, and thought leadership to clients and team members. • Manage and follow up on tickets and customer requests. • Work independently and with vendors’ professional services to diagnose and troubleshoot any issues with vulnerability assessment tools. • Provide oversight and orchestrate key parties from Coalfire and client teams during escalations with a focus on expedited resolution. • Provide analysis of Information Security vulnerabilities and determine true or false positive, and work with appropriate teams for remediation. • Analyze identified vulnerabilities to identify false positives or environmental factors that affect the risk scoring and ensure the POAM is updated to reflect that analysis.
Job Requirements
- Previous experience supporting clients from within a managed service organization.
- Experience with ITSM solutions such as Jira and ServiceNow and delivering to SLAs.
- 4-6 years of related experience in professional services, vulnerability management, and compliance monitoring.
- Must be skilled in web application testing, API testing, and network testing.
- Prior experience working with Burp Suite Professional, or other similar DAST tools.
- Proficiency in scripting, such as Python and/or PowerShell.
- 1-2 years developing playbooks, runbooks, and troubleshooting technical issues.
- Good understanding of Windows and Linux patching.
- Knowledge of vulnerability scoring systems (CVSS/CMSS)
- Experience with building, configuring, and managing vulnerability scanning tools (Nessus/Burp Suite preferred)
- Experience analyzing vulnerabilities and adjusting the risk rating/severity dependent on internal factors.
- Experience defining Operating System Baseline Configuration standards such as the Center for Internet Security (CIS) Critical Security Controls Scanning within various scanning technologies and working with appropriate teams to remediate and report on the results.
- Excellent communication, organizational, and problem-solving skills in a dynamic environment
- Experience working with Internal and External Auditors to ensure that documented controls / policies/ and standards are being adhered to.
- Effective documentation skills, including technical diagrams and written descriptions.
- Ability to work independently and as part of a team with a professional attitude and demeanor.
- Critical thinking, and ability to balance security requirements with mission needs.
- Effective documentation skills, including technical diagrams and written descriptions.
- Ability to work independently and as part of a team with a professional attitude and demeanor.
- Critical thinking, and ability to balance environmental requirements with mission needs.
- BS or above in a related Information Technology field or equivalent combination of education and experience
Benefits
- competitive perks and benefits to support you and your family
- paid parental leave
- flexible time off
- certification and training reimbursement
- digital mental health and wellbeing support membership
- comprehensive insurance options
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Staff Cloud Security Engineer
LastPassLastPass manages your passwords and online life, so you don’t have to.
• Collaborate closely with our DevOps, CI/CD engineers, and Architecture team to implement and maintain security best practices across our infrastructure. • Leverage your expertise in security architecture to help engineers build and securely operate products and services from the ground up • Assess, design, and implement security processes and controls to meet security, compliance, and audit requirements • Conduct proactive research to identify emerging threats and attack vectors • Collaborate within a highly agile product security team and across other cross-functional teams
Staff Cloud Security Engineer
LastPassLastPass manages your passwords and online life, so you don’t have to.
• Collaborate closely with our DevOps, CI/CD engineers, and Architecture team to implement and maintain security best practices across our infrastructure • Leverage your expertise in security architecture to help engineers build and securely operate products and services from the ground up • Assess, design, and implement security processes and controls to meet security, compliance, and audit requirements • Conduct proactive research to identify emerging threats and attack vectors • Collaborate within a highly agile product security team and across other cross-functional teams
Senior Security Engineer
NextGen Federal SystemsNextGen Federal Systems is an innovative technology and professional services provider specializing in advanced software solutions and comprehensive mission and business support services. We work in close collaboration with our Customers to truly understand their business and mission goals. Our approach is to design, build, implement, and manage solutions that measurably improve our client’s organizational performance. We have established and foster a corporate culture where we: Treat employees with fairness and respect regardless of their position, tenure, race, or sexual identity. Communicate the importance of our mission and our employees’ contributions to it, ensuring they understand how their job role contributes to the greater good. Openly promote and communicate our ideas for change and adaptability. Strive to achieve results as an organization. Hold employees accountable to their commitments and provide incentives that encourage positive and productive behaviors. Value the talents and contributions of our employees as the key factor for our success. Create an environment where people can engage at all levels. Encourage people to take risks and allow them to make mistakes.
This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description We are seeking an experienced Senior Security Engineer to remotely support our federal customer located in Clarksburg, WV. This role requires at least a Secret Security Clearance, and the primary work location is remote. Responsibilities include: - Performs security audits, risk analysis, application-level vulnerability testing, and security code reviews. - Develops and implements technical solutions to help mitigate security vulnerabilities. - Conducts research to identify new attack vectors. - Supports mainframe with scanning and other security focused operational support responsibilities. Qualifications - Bachelor’s Degree with 8 years of work experience. - Active Tier 3 Secret clearance. - 5+ years of experience performing security audits, risk analysis, application-level vulnerability testing, and security code reviews. - 5+ years of experience developing and implementing technical solutions to help mitigate security vulnerabilities. - Experience working within the Agile Methodology. - Experience in a cloud native architecture. - Experience working in a Kafka infrastructure. - Experience with container security in AWS. - Building and maintaining secure CI/CD Pipelines. - Strong understanding of federal security requirements. - Strong written and verbal communication skills. Company Description NextGen Federal Systems is an innovative technology and professional services provider specializing in advanced software solutions and comprehensive mission and business support services. We work in close collaboration with our Customers to truly understand their business and mission goals. Our approach is to design, build, implement, and manage solutions that measurably improve our client’s organizational performance. We have established and foster a corporate culture where we: - Treat employees with fairness and respect regardless of their position, tenure, race, or sexual identity. - Communicate the importance of our mission and our employees’ contributions to it, ensuring they understand how their job role contributes to the greater good. - Openly promote and communicate our ideas for change and adaptability. - Strive to achieve results as an organization. - Hold employees accountable to their commitments and provide incentives that encourage positive and productive behaviors. - Value the talents and contributions of our employees as the key factor for our success. - Create an environment where people can engage at all levels. - Encourage people to take risks and allow them to make mistakes.
OT Security Architect
First QualityOver 30 years. More than 40 countries. One Mission: Make Things Better
• Primarily responsible for OT security event monitoring, management, and response • Create an IS reference architecture for our OT networks • Work with OT engineering team, as well as with SOC team and verify that the reference architecture fits the business processes and requirements • Work with OT engineering teams for defining security controls for their on-going projects • Provide technical guidance to the GRC team with assessing OT 3rd party vendor and supply chain • Integrate with OT engineering projects and verify that the required IS controls are properly implemented • Revise and develop processes to strengthen the current OT Security Operations Framework, review policies and highlight the challenges in managing SLAs • Perform threat management, threat modeling, identify threat vectors and develop use cases for OT security monitoring including red\blue penetrations tests • Responsible for developing, configuring, and maintaining OT security automation and orchestration IR’s and tools. • Creation of reports, dashboards, metrics for OT security operations and presentation to Sr. Mgmt. • Create required standards and procedures (i.e. IS purchasing standard, sanitization process) in coordination with all relevant stakeholders
