Security Engineer

Posted:
11/10/2024, 4:00:00 PM

Location(s):
Virginia, United States

Experience Level(s):
Mid Level

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Hybrid

Job Family:

Cyber Consulting (Digital)


Travel Required:

None


Clearance Required:

None

Provide support to clients related to formalizing existing security engineering processes for the design, development, deployment, maintenance, and decommissioning of cybersecurity capabilities. Provide technical expertise and assist with establishing and implementing a formal Security Engineering function, including standard operating procedures and processes that govern all phases of the security engineering lifecycle.

What You Will Do:

The following duties and responsibilities include performing hands-on administration of:

  • technologies, logically designing security solutions, and authoring engineering documentation (including project plans, requirements, risks, schedules, and other documents required as part of a formal Project Management process). Specific responsibilities shall include, but are not limited to the following:

  • Author / amend the Board’s Security Engineering program document to serve as the the primary tool for designing the ideal Security Engineering program for Information Security Branch.

  • Support the implementation of a formal Security Engineering program with a variety of product types (e.g., project plans, system designs, network diagrams, formal requirements, test cases, user stories, use cases, and standard operating procedures).

  • Document the Board’s network in the form of a network architecture/diagram.

  • Support the design and implementation of a robust security infrastructure that protects board data and systems from internal and external threats.

  • Support the maintenance and management of Board security toolsets. This might include: tasks such as upgrading software, applying patches, and configuring settings to ensure the the toolset is operating effectively and efficiently.

  • Research new security capabilities and recommend solutions that can be employed within the Board’s infrastructure. This could involve identifying new technologies that could help improve the Board’s security posture and making recommendations for their implementation.

  • Support the Board’s implementation of a Zero Trust architecture. This might include enhancing identity and access management controls, improving network segmentation, and ensuring sufficient logging and visibility across Board assets.

  • Support the Board’s evaluation of the current technology stack and propose opportunities for improvement (e.g., use current technology better, consolidate technology).

What You Will Need:

  • US Citizenship

  • Minimum of 4 years of experience

  • Experience designing and implementing secure networks and systems in either local (on-premises) or cloud computing solutions. This includes creating secure designs and integrating security appliances and technology into local, cloud, and/or hybrid networks.

  • Deep understanding of security technologies, including firewalls, intrusion detection and prevention systems, identity and access management solutions, and encryption protocols.

  • Familiarity with relevant industry standards and regulations, as well as with software development standards and practices such as the Systems Development Lifecycle, project and program management principles, and Agile development methodologies. This includes, but is not limited to, the Project Management Institute’s Project Management Body of Knowledge (PMBOK) standards, the National Institute of Standards and Technology’s (NIST) Special Publication 800-160 Vol. 2 Rev. 1 “Developing Cyber-Resilient Systems: A Systems Security Engineering Approach,” and NIST’s Cybersecurity Framework 2.0.

  • Experience implementing Zero Trust Architecture.

  • Experience building dashboards, detection techniques, and other cybersecurity approaches to monitor and defend assets from both external and internal threats.

  • Strong writing skills and communication, including experience authoring security engineering program documents.

  • Build dashboards, detection techniques, and other cybersecurity approaches to monitor and defend the Board’s assets from both external and internal threats.

  • Evaluate security engineering plans and document recommendations. This could include providing advisory services to designs proposed by others or amend designs to include and/or enhance security defenses.

  • Attend meetings as required, take meeting notes/minutes, and capture action items on behalf of the Cybersecurity Operations Unit and provide that information back to the team.

What Would Be Nice To Have:

  • Degree in Cybersecurity

  • Highly desired experience includes the following: Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Data Centers.

  • Highly desired experience includes the following: AWS security technologies, Microsoft Azure security technologies, Google Cloud, Cisco networking appliances, F5, Bluecoat, Palo Alto, VMware, CrowdStrike, Tenable, FireEye, Gigamon, Splunk, and other common enterprise security technology providers


What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

  • Medical, Rx, Dental & Vision Insurance

  • Personal and Family Sick Time & Company Paid Holidays

  • Parental Leave

  • 401(k) Retirement Plan

  • Group Term Life and Travel Assistance

  • Voluntary Life and AD&D Insurance

  • Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts

  • Transit and Parking Commuter Benefits

  • Short-Term & Long-Term Disability

  • Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities

  • Employee Referral Program

  • Corporate Sponsored Events & Community Outreach

  • Care.com annual membership

  • Employee Assistance Program

  • Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)

  • Position may be eligible for a discretionary variable incentive bonus

About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.


Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.


If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-571-633-1711 or via email at [email protected]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.


Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.

Guidehouse LLP

Website: https://guidehouse.com/

Headquarter Location: Washington, District of Columbia, United States

Employee Count: 1001-5000

Year Founded: 2018

IPO Status: Private

Last Funding Type: Grant

Industries: Advice ⋅ Consulting ⋅ Management Consulting