Senior Cybersecurity Engineer

Overview

SCCI is seeking a Senior Cybersecurity Engineer to join our team! The Senior Cybersecurity Engineer is a key member of the Information Technology team, responsible for designing, implementing, and managing advanced security technologies and practices to protect SCCI's data and assets. This role requires a strong technical foundation, a deep understanding of current threat landscapes, and the ability to quickly respond to security incidents to enhance our overall security posture. The Senior Cybersecurity Engineer also provides guidance to junior team members and collaborates with other departments and personnel to ensure cybersecurity is properly integrated across all IT and business functions. The successful Candidate will report directly to the Director of IT and serve as senior manager on the IT staff, working closely with the Systems Engineer, Network Engineer, ISSO, ISSM, and Help Desk Supervisor to provide secure integrated solutions. This position is located at our operations facility in Dahlgren, VA.

SCCI offers a comprehensive and competitive benefits package including Health, Dental, Vision, Life and Disability benefits, 401k with Company Match, time off consisting of 2 weeks of paid vacation, 48 hours of sick/personal leave, and 11 paid Holidays.

Responsibilities:

• Security Awareness & Collaboration
  
  • Advise Director of IT and company leadership on cybersecurity requirements, concerns, processes and best practices
  • Mentor junior security staff and provide technical leadership
  • Advise and train technical staff and users in cybersecurity best practices
• Security Architecture & Engineering
  
  • Design, implement, and manage security solutions (e.g., SIEM, EDR, firewalls, IDS/IPS, IAM, VPN)
• • Architect secure network, application, and cloud environments
  • Evaluate and integrate new security technologies
• Threat Detection & Response
  
  • Work with external security service providers to coordinate monitoring detection, threat hunting, and incident response activities
  • Analyze logs and alerts to identify anomalies or potential threats
  • Manage incident response lifecycle
• Vulnerability Management
  
  • Supervise the vulnerability management program
  • Coordinate and validate regular vulnerability scans and penetration tests
  • Prioritize vulnerability remediation efforts across endpoints, networks, and applications
  • Work with IT team to validate and apply patches
• Governance, Risk & Compliance
  
  • Develop and maintain security policies, procedures, and standards
  • Ensure compliance with relevant standards, directives and regulations
  • Conduct risk assessments and support audit activities
  • Remain abreast of emerging technologies, cyber threats and security tools
• Advise ISSO and ISSM on issues related to securing and monitoring classified DoD networks
• Project Management
  
  • Lead multiple cybersecurity initiatives
  • Coordinate with IT personnel and stakeholders to gather requirements, refine objectives, engineer solutions, and develop required timelines, milestones and cost projections
  • Set goals and expectations for projects and team members
  • Take ownership of initiatives and see them through completion

Essential Skills and Experience:
Bachelor's (BS) degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience)
Eight (8) - ten (10)+ years of hands-on experience in cybersecurity roles, with at least 2 years in a senior or lead capacity
Strong understanding of network protocols, security architecture, and security practices
Experience in a Windows-based enterprise IT environment (preferably GCC High, Azure AD, Intune, and AVD)
Proficient in scripting and automation (e.g., Python, PowerShell, Bash)
Experience with cloud platforms (AWS and Azure) and their security services
In-depth knowledge of modern threat landscapes, vulnerabilities, mitigation techniques, and security tools and processes
Ability to lead teams and manage projects to achieve security goals and objectives
Ability to write clear and concise cybersecurity guidance, procedures and documentation

Preferred Skills and Experience:
DoD security practices and regulations
Migration from on-prem architecture to cloud
Virtualization (preferably Hyper-V)
Familiarity with open-source security tools
Experience with Fortinet security products
AWS/Azure Security Certifications
CISSP (Certified Information Systems Security Professional)
OSCP (Offensive Security Certified Professional)
GIAC (e.g., GCIH, GCIA, GCED, GPEN)
CEH (Certified Ethical Hacker)
Security

SCCI is committed to providing a comprehensive and competitive benefits package to meet the needs of employees and their families. EOE of Veterans and Disabilities.