JOB DESCRIPTION

Skiltrek is looking for a Sr Security Engineer to join their team. Ideally the employer would like someone to sit in San Diego but are open to remote options upon request.

This individual will be responsible for performing a combination of security design and implementation work, as well as security testing and implementation of new products or enhancements to current products.

This position is responsible for the support of the production environment which ensures the appropriate security policies and practices are implemented and enforced.

In addition, this position will be a technical resource for the overall organization in all technical matters regarding our security products and services.

Close collaboration with all Systems Engineering disciplines is essential to comprehensive solutions being presented and implemented to the business.

• Mornings - TaR (Triage and Response), Active Threat Hunting (Obsidian, Varonis, RecordedFuture)
• Review latest Threat Intelligence and InfoSec News, assess risk to Client
• Outcome : Generates events requiring investigation or additional research
• Security Focused / Core Competency Activities
• Specialty? What platform are the supporting? Focus on that platform for the day
• Compliance & Governance Activities
• 20% ServiceNow Tickets
• SAFe Meetings : Daily Stand-up, Retrospectives, Sprint Planning, PI Planning
• Internal Meetings (Security focused) e.g. Bi-weekly IT Security Events, Tools, and Malware Meeting
• Vendor Working Sessions (conf. calls with Varonis, Obsidian, Palo Alto, Zscaler)
• Vendor / Partner Business Reviews
• VRB (bi-weekly) starting-up next week (Vulnerable Review Board)
• ITSEC Landscape discussions and Strategy
• 1 : 1 Meetings
• Knowledge Transfer Sessions train-up and / or train-down
• Incident Response Sessions based on alerts and events

MINIMUM REQUIREMENTS

• 3-5 years experience working as a Security Admin / Engineer in an enterprise level environment
• Experience working managing / operating a SIEM or Log Aggregation tool

o Splunk or Humio or Cribl

• Experience utilizing End Point Detection and Response tech (Crowdstrike EDR)
• Admin like Linux experience
• Networking Experience (Cisco routers, trace routing, pinging the network, fundamental internet technology understanding, OSI layers)
• Experience doing Firewall Management
• Familiar with MITRE ATTACK

DESIRED SKILLS

• PowerShell Scripting experience
• Experience with Zero Trust
• Micro Segmentation experience
• Experience working with Z-scaler
• Okta Experience
• Crowdstrike Experience (beyond EDR, Spotlight, Identity Threat Protection, FalconX)
• PKI certificate management experience (i.e. MS or Venafi)

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching.

Employees in this role are also entitled to paid sick leave and / or other paid time off as provided by applicable law.

Qualifications

Required Qualifications :

• Knowledge of Navy SATCOM security architectures, TRANSEC requirements, and federal agency certification / approval processes.
• Experience developing and working with SATCOM security architectures, such as Direct Sequence Spread Spectrum (DSSS) technique and End Cryptographic Unit (ECU) devices.
• Experience developing Key Management Infrastructure (KMI) including key management, key generation, and key sharing architectures in coordination with federal agency and associated security policies
• Current / active Secret clearance and eligible for TS / SCI.

Desired Qualifications :

• Bachelor's or Master's Degree in Electrical Engineering, Cybersecurity, or Computer Science (minimum 10 years of experience)
• Excellent writing and verbal communication skills, and email etiquette
• Proactive self-starter; work well independently and with teams in a collaborative environment

Responsibilities

Provide security engineering support to the U.S. Navy Wideband Anti-Jam Modem System (WAMS). Work with the Assistant Program Manager (APM) and Chief Engineer (CE) to develop system requirements, support system engineering execution, and participate in technical and programmatic exchanges with internal and external stakeholders to include Navy, Space Force, Space and Missile Defense Command (SMDC), and Defense Information Systems Agency (DISA).

Participate in program technical reviews; provide expert input and recommendations on cybersecurity issues to support system development and program execution.

Identify requirements to obtain federal agency approval of security components used by the WAMS program. Develop a Key and Certificate Management Plan (KCMP) and coordinate KCMP approval with federal approvers.

Coordinate with other Navy program offices, DISA, and other external stakeholders, as required for Transmission Security (TRANSEC) issues impacting the WAMS programs.

Essential Duties and Responsibilities :

• Inspects airline equipment and checks for any unauthorized items.
• Screens cargo using equipment / method designated by customer and according to customer’s specifications.
• Performs aircraft monitoring, passenger wanding and gate guarding according to customer’s specifications.
• Observes and monitors unit activity and facility surroundings when not performing inspection / validation duties.
• Performs all other duties as assigned by management.
• Reports to Operations Supervisor or Operations Manager, depending on size of unit.
• Activities overseen by Lead or Senior Lead, depending on size of unit.

Education :

High school diploma or GED

Requirements :

• New employees required to complete an FBI fingerprint check (SIDA Badge) and a confirmed 10-year background check (10 year listed; 5 year verified)
• Not have been convicted of any of the listed FAA Disqualifying Crimes;.
• Ability to bend, push, and lift up to 30 pounds on a regular basis in order to perform the essential functions of the job.
• Must be at least 18 years old.
• Hold a valid U.S. driver’s license
• Must be Covid-19 Vaccinated

Communication Skills :

Possess written and oral communication skills in English.

Certificates, Licenses and Registrations :

Environmental Requirements :

Works non standard work hours, evenings, weekends, holidays.

Demonstrated Competencies to be Successful in the Position :

• Security Mindset take pride in keeping the skies safe and the flights secure
• Trust - keeping promises and speaking the truth.
• Customer Focused - the willingness to listen and the duty to act promptly and appropriately.
• Team Spirit - integrity, experience, collaboration and open communication.
• Innovation creativity, seeking new ideas, continuous improvement though anticipating change and adapting to it.

3RC is seeking candidates with 12+ Years of cybersecurity experience to join our team as a Senior Information Systems Security Officer.

The selected candidate will perform security scans to identify vulnerabilities and risks, and work with the Engineering team to mitigate the risks.

The candidate is required to have experience with ensuring systems successfully complete the Assessments & Authorization (A&A) process.

They will work with other security and IT professionals in developing and implementing strategies to detect and mitigate threats to information systems, protect critical data sets, and provide assessments of system and network vulnerabilities.

They will analyze threats and develop and implement best practices methodologies for incident detection, reporting, and vulnerability remediation.

Primary Responsibilities :

• Plan and recommend modifications or adjustments based on exercise results or system environment.
• Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
• Verify and update security documentation reflecting the application / system security design features.
• Assess the effectiveness of security controls.
• Assess all the configuration management (change configuration / release management) processes.
• Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements.
• Analyze and report organizational security posture trends.
• Analyze and report system security posture trends.
• Assess adequate access controls based on principles of least privilege and need-to-know.
• Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.
• Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
• Mitigate / correct security deficiencies identified during security / certification testing and / or recommend risk acceptance for the appropriate senior leader or authorized representative.
• Verify minimum security requirements are in place for all applications.
• Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.

Required Qualifications :

• DoD 8570 certification (IAT or IAM Level 2)
• Demonstrated experience with Risk Management Framework (experience under DHA a plus)
• Demonstrated efficiency and experience in RMF package development, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, architecture diagrams, hardware / software inventories, and system / site policies, procedures, and processes
• Hands on experience with the DoD tool eMASS
• Familiarity with NIST publications
• Experience in assessing systems using NIST 800-53 and / or DISA STIGs and SRGs
• Excellent customer service and organization skills
• Excellent oral and written communication skills

Desired Qualifications :

• Experience with ACAS and HBSS
• Experience in RMF policy development, process improvement, and strategy implementation
• Knowledge in Continuous Monitoring and Risk Scoring (CMRS)
• Knowledge of cloud capabilities and secure cloud architecture
• Knowledge in one or more of the following technologies :

o Medical devices

o Windows

o Linux / Unix

o Network Devices

o Databases MS SQL, Oracle

o VMWare Virtualization

Clearance Required :

Active Secret security clearance

Company Paid Standard Benefits :

• Short / Long Term Disability
• Basic Life Insurance
• Direct Payroll Deposit
• Leave Accrual
• Holidays
• 401(k) Match

Employee / Company Shared Benefits :

• Additional (Voluntary) Life Insurance
• 401(k)
• Medical Coverage
• Dental Coverage
• Vision Care Plan
• Flexible Spending Account Plan

PI223568073

SECURITY OFFICER

• We work with you based off of your availability;
• We offer flexible schedules
• PT / FT available
• Day, Swing, & Graveyard Shifts
• Holiday Pay
• Weekends
• On Call Positions
• Standing Officer & Patrol Division Openings

SAFETY & SATISFACTION IS OUR #1 PRIORITY

Security First takes a drastically different approach to providing security services our security officers are not only highly trained and exceptionally professional in both demeanor and appearance, but go above and beyond to provide a friendly, helpful resource to tenants and business patrons.

We feel that offering a combination of the latest technologies, 5-star customer service, and a pleasant onsite presence, contributes to a more comprehensive and satisfying customer experience.