Description of Responsibilities:
Harmonics Consulting is seeking a Cybersecurity Engineer to support our Federal Government client’s Cybersecurity Engineering team. The Cybersecurity Engineer will be an integral part of the client’s aggressive plans to be the first government agency to implement a cloud-only, zero trust computing environment. The successful candidate will have a broad technical background and leverage cybersecurity expertise to architect secure solutions hosted in commercial cloud offerings, such as AWS and Azure.
- Report to and assist the client’s Cybersecurity Engineering Team leadership to gain approvals, overcome obstacles, and reach consensus in the furtherance of the client's mission and the Agency’s Cloud security strategy.
- Utilize expertise in cybersecurity architecture, engineering and defensive operations in support of programs, projects and IT initiatives
- Conduct research on emerging technologies and industry trends for applicability to addressing client challenges.
- Identifies significant actual and potential cybersecurity problems, trends, and weaknesses. Proactively identify information security deficiencies or opportunities for constant improvement and enhancement of the Agency’s security posture
- Reviews proposed new systems, networks, and software designs for potential security risks.
- Provide guidance on the creation or modification of cyber defense architectures, cyber engineering plans and IT project plans
- Apply automation, orchestration, and DevSecOps concepts and tools to accelerate implementation and operations activities.
- Support the Infrastructure, Data, Development and Design teams to present cyber solutions or cover overall approach to cyber defense.
- Provide regular, timely reporting on the information security topics as required to support cybersecurity, privacy and compliance requirements
- Provide subject matter expertise on various cyber threats
Required Skills and Experience:
- Demonstrated experience with the NIST Risk Management Framework (RMF) and other NIST publications with demonstrated completion of tasks required to achieve ATO for complex systems or networks
- Proficient with Continuous Monitoring tools such as SolarWinds, Tenable, New Relic.
- Proficient with Commercial Cloud Services such as AWS, Microsoft Azure or Google Cloud.
- Ability to analyze Layer-2 and Layer-3 networks, firewalls, proxies, ports and protocols, etc. for security configuration compliance.
- Familiarity with vulnerability remediation tools and processes for effective vulnerability management in compliance with policies and guidelines
- Proficient with SIEM tools (e.g. Splunk). Experience performing security event monitoring or assessments, analytics and response activities, and support of IT operational activities
- AWS Certified Solutions Architect
- Ability to perform risk assessments, analyze and evaluate complete networks using a variety of security tools.
- Effective written and verbal communication skills to collaborate with a broad range of stakeholders.
- Production working experience with cloud computing technologies, systems engineering / administration, network engineering / administration
- Demonstrated ability to generate and maintain technical documentation is required.
Desired Skills and Experience:
- Experience with operating, managing and deploying solutions that leverage IaaS, PaaS or SaaS
- Familiarity with DHS TIC Reference Architecture
- CISSP certification
- Bachelor's degree
- 5 years of IT engineering experience
- US Citizenship with ability to maintain Public Trust clearance