Lead Cybersecurity Engineer

Engineering, Manager, VPN, SSL, Network, Networking, Security, Computer, Networks, Engineer, TCP, IP, Linux, Python
Full Time

Job Description

Responsibilities & Qualifications


As a member of the CyberSecurity Operations Center’s Engineering team, you are responsible for defending the enterprise network from threats and adversaries, both internal and external. The CyberSecurity Engineering team is at the forefront of security technology research, architecture, deployment, implementation and operation for all aspects of network related security throughout the enterprise.

PRINCIPAL ACCOUNTABILITIES: Under the direction of the Manager, CyberSecurity Engineering, the incumbent is responsible for, but is not limited to, the following:

  1. Next-Gen firewall architecture for a complex, geographically distributed organization utilizing a mixture of on-premises and cloud infrastructure.
  2. Administration of the firewall environment including services such as VPN Gateways, URL filtering, SSL Decryption and Advanced Threat Protection.
  3. Responsible for the installation and operation of network security systems across the entire organization.
  4. Using Network and Host-based Intrusion Prevention systems to identify anomalous activity within the boundaries of the network.
  5. Configuration and monitoring of Network-based anomaly detection solutions.
  6. Develop and maintain playbooks documenting security controls and responses to specific threats.
  7. Analyze data and telemetry from network security tools to improve control efficacy and validate control results.


Required Education and Experience:

Degree or equivalent experience: BA/BS in Information Technology, Networking, Security, MIS, Computer Science or related field

Years of experience: Minimum 5+ years of demonstrated work experience. (Additional experience may be substituted for educational requirement.)

Specialized training (preferred, but not required):

PCNSE – Palo Alto Networks Certified Network Security Engineer

PCCSE – Palo Alto Networks Prisma Certified Cloud Security Engineer

PCSAE – Palo Alto Networks Certified Security Automation Engineer

Vendor specific tools training, SANS security training, GIAC Certifications

Demonstrated commitment to training, self-study and maintaining proficiency in the technical CyberSecurity domain

Other requirements (preferred, but not required):

Ability to obtain one professional certification within 6-12 months

Required Skills and Abilities:

Incumbent must have a firm understanding of Information and/or Cyber Security principles. Must be able to adapt quickly to understand the rapidly changing threat landscape in order to correctly scope and prioritize security events. The incumbent must also be able to achieve certification across multiple domains such as networking, security, development languages, etc.

Must be able to effectively work in a fast-paced environment with frequently changing priorities, deadlines, and workloads that can be variable for long periods of time. Must be able to effectively communicate.

Required skills:
  • Thorough knowledge of Palo Alto Networks’ product solutions, including firewalls, Panorama, IPsec VPN, Threat Protection, and GlobalProtect.
  • Experience with network TAPs and bypasses
  • Experience managing Threat Prevention policies across a large, distributed environment
  • Understanding of signature-based detection mechanisms and event-based detection methodologies.
  • Strong understanding of TCP/IP analysis with Wireshark/Tshark, tcpdump, etc.
  • Ability to triage events and escalate incidents as necessary
  • Solid experience with routing, switching, VPN, wireless infrastructure, load balancer technology, and packet brokers.
  • Advanced Linux skills
  • Must be able to script in at least one language (preferably Python, Ruby, PowerShell, or Bash).
  • A solid understanding of securing AWS and Azure infrastructures.

  • Familiarity with Splunk or Elasticsearch
  • Packet capture and reassembly
  • NetFlow analysis
  • Deep experience analyzing firewall log data
  • Advanced malware detection and prevention
  • OSINT collection and analysis
  • Familiarity with AWS log data such as CloudTrail, CloudWatch and VPC Flow Logs

Equal Employment Opportunity

CareFirst BlueCross BlueShield is an Equal Opportunity (EEO) employer. It is the policy of the Company to provide equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran or disabled status, or genetic information.

Hire Range Disclaimer

Actual salary will be based on relevant job experience and work history.

Where To Apply

Please visit our website to apply: www.carefirst.com/careers

Closing Date

Please apply before: 5.20.21

Federal Disc/Physical Demand

Note: The incumbent is required to immediately disclose any debarment, exclusion, or other event that makes him/her ineligible to perform work directly or indirectly on Federal health care programs.


The associate is primarily seated while performing the duties of the position. Occasional walking or standing is required. The hands are regularly used to write, type, key and handle or feel small controls and objects. The associate must frequently talk and hear. Weights up to 25 pounds are occasionally lifted.

Sponsorship in US

Must be eligible to work in the U.S. without Sponsorship
Dice Id : 10233586
Position Id : 14660-1A
Originally Posted : 9 months ago