What are the responsibilities and job description for the Cybersecurity Engineer position at Banduri?
About Banduri
Banduri helps organizations execute digital transformations with agility so that continuous innovation becomes their core competency. Core to Banduri's values and culture is the belief that everyone deserves to thrive. Our mission is to leave things better than we found them, make things that matter, and help our customers harness the power of change. We know that to do this requires radical candor, a dedicated focus on the users, and creativity. There are no big egos here. We are collaborators and team players. We want solutions-oriented problem solvers, critical thinkers, and committed creators that are passionate about what they do.
We are currently hiring a CYBERSECURITY ENGINEER to support the modernization efforts of a federal agency.
MUST BE A US CITIZEN AND PASS BACKGROUND CHECK
Position Location:
This position offers hybrid work options with occasional on-site requirements at the client's Washington D.C. headquarters. Our office is in Fredericksburg, VA, right next to the Fredericksburg (FBG) Amtrak/VRE station.
Position Description:
Responsible for safeguarding the client’s digital assets by designing, implementing, and maintaining robust security measures. Responsible for identifying and mitigating cyber threats, ensuring the confidentiality, integrity, and availability of sensitive data and systems.
Key Responsibilities:
· Conducting Security Assessments & Penetration Testing: Perform vulnerability assessments using various tools and techniques (e.g., network scanning, code reviews, penetration testing) to identify and document security weaknesses; conduct penetration testing to simulate real-world attacks and evaluate the effectiveness of existing security controls; analyze security logs and identify suspicious activity; generate comprehensive reports detailing findings, risks, and remediation recommendations
· Implementing & Managing Security Controls: Design, deploy, and configure security controls such as firewalls, Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Endpoint Detection & Response (EDR), Zero Trust Security (ZTS), and Security Information & Event Management (SIEM) solutions; monitor security systems for alerts and anomalies, investigate security incidents, and respond to security breaches effectively; manage security access controls, including user authentication, authorization, and access rights; implement and maintain security policies, procedures, and standards
· Incident Response & Forensics: Develop and maintain an incident response plan; investigate security incidents, collect and analyze evidence, and assist in the remediation process; conduct forensic analysis of systems and data to identify the root cause of security breaches
· Staying Current on Threats & Technologies: Research and stay updated on emerging cyber threats, vulnerabilities, and attack vectors; attend industry conferences and training sessions, and read security publications to enhance knowledge and skills; evaluate and recommend new security technologies and solutions to improve the Court’s security posture
Required Skills:
· Familiarity with common attack vectors (e.g., malware, phishing, social engineering), security frameworks (e.g., NIST Cybersecurity Framework, ISO 27001), and regulatory compliance requirements (e.g., GDPR, HIPAA)
· Deep understanding of network protocols (TCP/IP, UDP, DNS), network topologies, and network devices (routers, switches, firewalls)
· Proficiency in scripting languages (e.g., Python, PowerShell), command-line interfaces (CLI), and various operating systems (Windows, Linux, macOS)
· Ability to analyze complex security issues, identify root causes, and develop effective solutions
· Ability to communicate technical information clearly and concisely to both technical and non-technical audiences
· Ability to manage multiple tasks, prioritize effectively, and work independently
Required Experience:
· Minimum of 7 years of professional experience in cybersecurity or a related field (e.g., systems administration, network engineering)
· Hands-on experience with security tools and technologies such as firewalls, Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Endpoint Detection & Response (EDR), Zero Trust Security (ZTS), Data Loss Prevention (DLP), Security Information & Event Management (SIEM), and vulnerability assessment solutions
· Experience with incident response and security investigations
Certifications (1 or more required):
· CompTIA Security+
· AWS Certified Security Specialty
· Microsoft Azure Security Technologies Certified
· Certified Ethical Hacker (CEH)
· Certified Information Systems Security Professional (CISSP)
· GIAC certification
· Zscaler, CrowdStrike, and/or Splunk vendor program certification
Banduri is committed to a diverse and inclusive workplace. Banduri is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.