Security Engineer

Job Family:
IT Cyber Security (Digital)

Travel Required:
Up to 10%

Clearance Required:
None

Provide support to clients related to formalizing existing security engineering processes for the design, development, deployment, maintenance, and decommissioning of cybersecurity capabilities. Provide technical expertise and assist with establishing and implementing a formal Security Engineering function, including standard operating procedures and processes that govern all phases of the security engineering lifecycle.

What You Will Do:

The following duties and responsibilities include performing hands-on administration of technologies, logically designing security solutions, and authoring engineering documentation (including project plans, requirements, risks, schedules, and other documents required as part of a formal Project Management process). Specific responsibilities shall include, but are not limited to, the following:

• Author / amend the Board's Security Engineering program document to serve as the primary tool for designing the ideal Security Engineering program for the Information Security Branch.
• Support the implementation of a formal Security Engineering program with a variety of product types (e.g., project plans, system designs, network diagrams, formal requirements, test cases, user stories, use cases, and standard operating procedures).
• Document the Board's network in the form of a network architecture/diagram.
• Support the design and implementation of a robust security infrastructure that protects board data and systems from internal and external threats.
• Support the maintenance and management of Board security toolsets. This might include tasks such as upgrading software, applying patches, and configuring settings to ensure the toolset is operating effectively and efficiently.
• Research new security capabilities and recommended solutions that can be employed within the Board's infrastructure. This could involve identifying new technologies that could help improve the Board's security posture and making recommendations for their implementation.
• Support the Board's implementation of a Zero Trust architecture. This might include enhancing identity and access management controls, improving network segmentation, and ensuring sufficient logging and visibility across Board assets.
• Support the Board's evaluation of the current technology stack and propose opportunities for improvement (e.g., use current technology better, consolidate technology).

What You Will Need:

• ship
• Minimum of 4 years of experience.
• Deep understanding of security technologies, including firewalls, intrusion detection and prevention systems, identity and access management solutions, and encryption protocols.
• Strong writing and communication skills, including experience authoring security engineering program documents.
• Evaluate security engineering plans and document recommendations. This could include providing advisory services to designs proposed by others or amending designs to include and/or enhance security defenses.
• Attend meetings as required, take meeting notes/minutes, and capture action items on behalf of the Cybersecurity Operations Unit and provide that information back to the team.

What Would Be Nice To Have:

• Degree in Cybersecurity.
• Experience building dashboards, detection techniques, and other cybersecurity approaches to monitor and defend assets from both external and internal threats.
• Build dashboards, detection techniques, and other cybersecurity approaches to monitor and defend the Board's assets from both external and internal threats.
• Experience implementing Zero Trust Architecture.
• Highly desired experience includes the following: Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Data Centers.
• Highly desired experience includes the following: AWS security technologies, Microsoft Azure security technologies, Google Cloud, Cisco networking appliances, F5, Bluecoat, Palo Alto, VMware, CrowdStrike, Tenable, FireEye, Gigamon, Splunk, and other common enterprise security technology providers
• Experience designing and implementing secure networks and systems in either local (on-premises) or cloud computing solutions. This includes creating secure designs and integrating security appliances and technology into local, cloud, and/or hybrid networks

The annual salary range for this position is $98,000.00-$163,000.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.

What We Offer:

Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.

Benefits include:

• Medical, Rx, Dental & Vision Insurance
• Personal and Family Sick Time & Company Paid Holidays
• Position may be eligible for a discretionary variable incentive bonus
• Parental Leave and Adoption Assistance
• 401(k) Retirement Plan
• Basic Life & Supplemental Life
• Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Student Loan PayDown
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Employee Referral Program
• Corporate Sponsored Events & Community Outreach
• Emergency Back-Up Childcare Program
• Mobility Stipend

About Guidehouse

Guidehouse is an Equal Opportunity Employer-Protected Veterans, Individuals with Disabilities or any other basis protected by law, ordinance, or regulation.

Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.

If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1- or via email at All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.

All communication regarding recruitment for a Guidehouse position will be sent from Guidehouse email domains including @guidehouse.com or Correspondence received by an applicant from any other domain should be considered unauthorized and will not be honored by Guidehouse. Note that Guidehouse will never charge a fee or require a money transfer at any stage of the recruitment process and does not collect fees from educational institutions for participation in a recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring process.

If any person or organization demands money related to a job opportunity with Guidehouse, please report the matter to Guidehouse's Ethics Hotline. If you want to check the validity of correspondence you have received, please contact Guidehouse is not responsible for losses incurred (monetary or otherwise) from an applicant's dealings with unauthorized third parties.

Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.