Our client is seeking a Senior Security Tools Engineer to support a federal cybersecurity
architecture opportunity. This Key Personnel role will administer, integrate, automate, and
optimize enterprise-grade security tools supporting vulnerability management, endpoint
security, SIEM, dashboarding, automation, API development, audit support, and
CDM-aligned reporting for a proposal opportunity.
Primary Responsibilities
• Administer, integrate, and automate enterprise cybersecurity tools.
• Support security tool operations, upgrades, patching, configuration, dashboards,
and API integrations.
• Develop APIs, scripts, Python libraries, and automation workflows to improve tool
interoperability.
• Design and manage vulnerability scanning strategies and enterprise security data
workflows.
• Build dashboards and alerts for SOC, risk management, and CDM stakeholders.
• Aggregate security logs, vulnerability data, asset data, and system data into SIEM
and reporting platforms.
• Support audit readiness, compliance reporting, and version-controlled audit
artifacts.
• Use CI/CD, containers, and cloud-native automation to improve security
engineering workflows.
Qualifications
Required Qualifications
• Candidates must be willing and able to work as Ashburn W-2 employees. 1099 and
corp-to-corp arrangements are not permitted for these roles.
• DHS EOD / suitability is required for clearance.
• 10+ years of experience managing and integrating enterprise-grade security tools.
• Hands-on experience with tools and platforms such as Splunk, Tenable
Vulnerability Management, CrowdStrike, ForeScout, Zscaler, AWS, Jenkins, Sumo
Logic, Ansible, Active Directory, VMware, and Cisco UCS.
• Proven ability to modernize security automation workflows using AWS Lambda,
AWS Fargate, and HashiCorp Vault.
• Experience streamlining operations through automation and API creation.
• Programming and scripting proficiency in Python, PowerShell, Batch, SQL, Bash,
and other relevant languages.
• Experience developing APIs and Python libraries for security tool integrations,
including tools such as Jamf, DNA Center, Vault, and CrowdStrike.
• Experience using CI/CD pipelines and managing development stacks including
Docker, GitHub Enterprise, AWS Lambda/Fargate, and Sonatype Nexus.
• Experience designing scan strategies for vulnerability management tools to improve
enterprise visibility.
• Experience creating data models for SIEM querying.
• Experience automating audit file management with version control.
• Experience using ETL processes to aggregate security logs and system data for
Splunk and asset management solutions.
• Experience developing advanced dashboards, optimizing queries, creating alerts,
and building APIs to support SOC and risk management teams.
• Experience designing and implementing dashboards for the DHS Continuous
Diagnostics and Mitigation (CDM) Program or comparable federal cyber reporting
environments.
Preferred / Strongly Desired Qualifications
• Experience with Prisma Cloud, Corelight NDR, Cisco Secure Network Analytics,
Cisco ISE, Zscaler ZTNA/SASE, Checkmarx One, Sonatype Nexus IQ, CrowdStrike
Falcon, and Tenable.VM.
• Experience integrating tool data into Splunk or centralized dashboards.
• Experience with vulnerability management, endpoint detection and response, asset
management, and compliance automation.
• Prior DHS, DOD / DOW, or federal CDM program support experience.
• Strong documentation, dashboarding, and stakeholder communication skills.