NETE is seeking a highly motivated, flexible, organized, and detail oriented Security Engineer/Architect to join our dynamic team atBethesda, MD. If you want to learn, grow, and help then this is the job for you. We support a project/customer that "seeks to better understand, treat, and ultimately prevent infectious, immunologic, and allergic disease seeks fundamental knowledge about the nature and behavior of living systems and the application of that knowledge to enhance health, lengthen life, and reduce illness and disability.” What you do matters and has a significant impact on the medical and scientific communities we serve. Your work here really matters and has a real impact.
The Information Security Engineer/Architect is responsible for maintaining enterprise information security equipment, policies, technical standards, guidelines, procedures, and other elements of infrastructure necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
Strategy & Planning
- Participate in the planning and design of enterprise security architecture, under the direction of the Information Security Manager, where appropriate.
- Provide security architectural expertise, direction, and assistance to Systems Analysts, Systems Engineers, and other Systems Architects.
- Evaluate Linux / Unix / Windows based Enterprise Configuration Management services and virtualization.
- Develop security solutions that facilitate the company’s strategic business needs.
- Conduct research on emerging technologies in support of systems development efforts, and recommend technologies that will increase improve the enterprise security posture.
- Recommend security control and systems to support business goals of the company.
- Implement security systems that have positive budgetary impact by reducing costs and increasing productivity.
- Enhance the company’s information assets by contributing to its security, integrity, efficiency, availability, and accuracy.
- Familiar with identity management, role methodologies, and least privilege principles.
- Familiar with the latest compliance benchmarks (CIS, NIST) standards and best practices for implementation.
- Perform strategic analysis; apply advanced principles, theories, and concepts to a resolution of problems.
- Establish and communicate design and architecture standards via mentoring, technical presentations, and white papers.
- Interact with all levels of customers, users, and vendors, including executive management, technical personnel, and contractors.
- Identify, prioritize and onboard internal, application data feeds to the SIEM platform. (especially Splunk, Tenable & Tripwire).
- Monitor and maintain overall system health of the SIEM infrastructure. (especially Splunk, Tenable & Tripwire)
- Assist with Change Management preparations and implementations, providing technical subject matter expertise.
- Provide security analysis and consultation services for product, system, and Data Protection architecture designs.
- Attend, and periodically lead meetings with the team.
- Assist with other projects as may be required to contribute to the efficiency and effectiveness of the group.
- Lead incident response efforts across the enterprise.
- Coordinate security related communications with customers (implementing remediation efforts, applying baseline standards, layering of new security/auditing controls).
- Proficient in reporting and answering analytical questions using vulnerability data.
- BS/BA Degree preferred.
- Minimum (8) years’ experience in Information Security. A background in security operations or design & engineering role or any combination of education and experience, which would provide an equivalent background.
- Significant experience with multiple technical and business disciplines preferred.
- Working knowledge and understanding of industry-accepted data processing controls and concepts as applied to hardware, software, data network communications, and people.
- Security Certifications: Security+ or CISSP preferred or other technical security certifications.
- Previous professional experience with enterprise SIEM (Splunk, Tripwire, Tenable SecurityCenter) is required.
- Experience managing log sources, log types, and parsing rules.
- Custom log parsing configuration development experience is highly preferred.
- Experience managing On-premise/cloud security infrastructure (virtual/physical)
- Understanding of Information Security with relevant work experience and/or relevant education/certifications.
- Experience utilizing asset inventory software (agnostic tool) and understanding the security boundaries
- Ability to work cooperatively and to function well in a team environment.
- Excellent customer interface skills.
- Applicants selected will be subject to a Public Trust background security investigation and may need to meet eligibility requirements for access to sensitive information.
- Paid Time Off (PTO)
- 9 Paid Federal holidays
- Various wellness programs
- Free parking at corporate offices
- Employee Referral Bonus Program (ERBP)
- Vision coverage through UHC national network
- Dental coverage through UHC national network
- 401(K) with significant company match & no vesting period
- Short and Long-Term Disability coverage (paid by company)
- Competitive salaries with opportunity for performance bonuses
- Discount plan for pet care, legal services, & identify theft protection
- Basic Life and AD&D coverage (paid by company; option to purchase additional coverage)
- Medical coverage through UHC national network (option to choose between 3 available plans)
- Flexible Spending Accounts:
- Healthcare (FSA)
- Parking Reimbursement Account (PRK)
- Dependent Care Assistant Program (DCAP)
- Transportation Reimbursement Account (TRN)
NETE is a multi-award winning company as well as offers a collaborative working environment where growth is encouraged and nurtured. In addition, we offer competitive salaries that may include performance bonuses; and a comprehensive benefits package.
NETE uses E-Verify to validate all new hires' ability to legally work in the United States.
Disclaimer: The above description is intended to describe the general nature of work and level of effort being performed by individual’s assigned to this position or job description. This is not to be construed as a complete or exhaustive list of all skills, responsibilities, duties, and/or assignments required. Individuals may be required to perform duties outside of their position, job description, or responsibilities as needed.