Description
Description
We are seeking a skilled Security Engineer with extensive experience in vulnerability remediation at the operating system (OS) level to join our IT team on-site in Washington, D.C. The ideal candidate will be responsible for ensuring the security and integrity of our cloud infrastructure by identifying, assessing, and mitigating vulnerabilities. This role requires a deep understanding of cloud services, operating system vulnerabilities, and best practices for securing cloud environments that are hosting a variety for MS Windows, and Linux (Red hat, Ubuntu, Amazon) operating systems.
Key Responsibilities:
Identify and remediate vulnerabilities in cloud infrastructure, with a specific focus on OS-level threats across multiple cloud platforms, including compliance with STIG and CIS benchmarks.
Collaborate with the cybersecurity team to conduct regular security assessments, vulnerability scans, and penetration tests to identify potential weaknesses.
Contribute to the development and maintenance of security policies, standards, and procedures for cloud infrastructure, working closely with the cybersecurity team.
Work with development and operations teams to ensure secure deployment of applications, emphasizing secure configurations and OS-level hardening.
Monitor security alerts and logs to detect and respond to potential security incidents across cloud environments.
Stay up-to-date with the latest security threats, vulnerabilities, and technology trends relevant to cloud infrastructure and operating systems.
Provide guidance and mentorship to junior engineers and team members on best practices for security and vulnerability management in cloud environments.
Document security controls, configurations, and processes for audit and compliance purposes, ensuring alignment with organizational standards.
Collaborate in maintaining the continuous monitoring strategy; assist in the observation and analysis of detected threats and/or compliance violations.
Qualifications
Qualifications: Qualifications:
Bachelor's degree in Computer Science, Information Technology, or a related field with a minimum of 7 years of experience.
Proven experience in identifying and remediating OS-level vulnerabilities in both Linux and Windows environments with a strong understanding of STIG and CIS compliance requirements.
Strong understanding of cloud security frameworks and best practices, including NIST, CIS, and ISO 27001.
Proficiency in using security tools such as Nessus Tenable, ORCA Security, AWS Security Hub, Azure Security Center, Google Cloud Security Command Center, and other vulnerability scanning tools.
Familiarity with Red Hat Satellite server, WSUS, IBM BigFix or other similar toolsets.
Knowledge of scripting languages such as Python, Bash, PowerShell, Ansible for automation of security remediation tasks.
Excellent problem-solving skills and the ability to work under pressure in a fast-paced environment.
Strong communication and interpersonal skills, with the ability to explain complex security issues to technical and non-technical stakeholders.
Additional Requirements:
Must be a US citizen, willing and able to work on-site in Washington, D.C.
Excellent interpersonal and communication skills, both written and verbal.
Commitment to following stringent security protocols.
Well-organized, with a high level of attention to detail and the ability to prioritize tasks.
Target salary range: $160,001 - $200,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.
Apply on company website
Find Connections via Linkedin
