Security Engineer, SME (IMC00762)

Email Subject Line : Security Engineer, SME (IMC00762)

This position will support and provide expertise to a successful cybersecurity and privacy program for a government customer, and be responsible for designing, implementing, and maintaining secure systems and networks. This role will work closely with cross-functional teams, including IT, network engineering, and cybersecurity, to ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks.

Work Location : Hybrid work requirement, with a minimum of one day required onsite in Washington, DC, and the balance of the week performed remotely, based upon the needs and directions of the customer.

Essential Duties and Responsibilities : This position will include, but is not limited to, the following tasks :

• Understand cloud networking and develop cloud technologies from a zero-trust perspective.
• Build and configure Kubernetes clusters (EKS) in alignment with security best practices.
• Develop GitOps processes leveraging Flux CD, creating security configurations for application and improvements to current designs.
• Administer and improve the security pipeline for SAST, DAST, vulnerability, compliance checks, and overall strategy of deployment.
• Assist with configuration and design of APP Mesh and micro-service design from a security perspective.
• Containerize security tools to streamline operations and enhance security measures.
• Collaborate within Agile development teams, to automate deployment, monitoring, and infrastructure management in a cloud environment.
• Build and configure delivery environments supporting CD / CD tools, leveraging Agile methodologies.
• Create scripts and / or templates to automate and / or bootstrap infrastructure provisioning and management tasks.
• Troubleshoot, repair, and upgrade security tool implementations, performing root cause analysis.
• Configure existing technologies to resolve operational issues and drive automation.
• Conduct research and analysis to support program expansion and area of responsibility.
• Apply expertise to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Perform analysis of security features within system architectures.
• Provide knowledge and guidance in following NIST, FISMA, Agency Information Security and Privacy, and Cloud Guidelines.

Basic Required Qualifications and Skills : Note : These are mandatory items that all candidates must have when submitting an application to IMC for this position. Please ensure that your submission addresses each of these required items. Candidates without these required elements will not be considered.

10 years of experience in computer security may substitute for a degree.

CISM, CISSP, GSLC, CEH, LPT, CPT

Zero Trust

Perl, Go, Groovy, Helm, Bash, Python, and PowerShell

Experience with Vulnerability detection and Management technologies

Desired Qualifications and Skills : It is desirable that the candidate have the following qualifications :

J-18808-Ljbffr