- Create developer guides, documentation, and best practices to enable smooth integration with security services. Implement and support fine-grained authorization patterns (entitlements, row-level security, ABAC).
- Collaborate with architects and engineers to ensure security services meet performance, usability, and compliance requirements.
- Conduct code reviews and provide guidance to development teams on secure coding and integration practices.
- Research emerging zero trust and identity/access management technologies to recommend improvements.
- 4 years of experience as a Cyber Security Engineer with an emphasis on automation and platform engineering providing subject matter expertise to the team and the customer
- 3 years of experience with designing and building implementations of required security controls; and implementing continuous monitoring and auditing of solutions for compliance with security controls.
- Strong experience in implementing security controls from government regulatory frameworks and security standards (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).
- Experience with researching, designing, testing, evaluating and implementing technologies such as Infrastructure as Code (IaC), containerization, K8, and CI/CD Automation
- Experience with Source Code repositories and CI/CD pipeline solutions such as Bitbucket, and GitHub
- Experience with container orchestration tools (OpenShift preferred)
- Demonstrated and repeat experience implementing controls for cloud, container, and/or DevSecOps services and solutions from IL5 to IL6+ on NIPR, SIPR, and JWICS.
- Expert-level skills in specifying and implementing log collection into tools such as Splunk, and performing querying and analysis of aggregated logs to identify security-relevant anomalies or risks
- Expert proficiency in incident response, security incident handling, and forensic analysis techniques.
- Expertise with security tools such as Fortify, Acunetix, and Prisma Cloud
- Experience performing periodic (Daily, Weekly, Monthly) security check to support continuous monitoring aligned with the NIST Risk Management Framework
- Experience applying Security Technical Implementation Guide (STIG) requirements to harden information systems (Linux Preferred)
- Effective communication skills, with the ability to convey complex technica
Please mention the word **MARVELOUSNESS** and tag ROTQuMTU2LjEzMS40Nw== when applying to show you read the job post completely (#ROTQuMTU2LjEzMS40Nw==). This is a beta feature to avoid spam applicants. Companies can search these words to find applicants that read this and see they're human.
