Job Details
Senior Security Engineer
Description
Job Description:
Leidos is seeking a talented Senior Security Engineer to join our team and lead our Infrastructure and Sensors team in support of a federal customer within the Department of Homeland Security (DHS) Enterprise Security Operations Center (ESOC). Senior Security Engineer will lead a team gather requirements and design, codify, integrate and implement secure solutions that support Security Operations as well as the underlying infrastructure required to deploy and run those solutions.
Primary Responsibilities
- Lead the Infrastructure and Sensors engineering team
- Provide leadership, coaching, and mentorship to team members
- Conceptualize, Design, Build, and Maintain current and future SOC tools and platforms.
- Manage multiple assignments, changing priorities, and work independently with little oversight.
- Support all support, guidance and develop processes to evaluate and improve all operating systems, hardware support, software, firmware solutions and provide advisement concerning future purchase of the same.
- Work closely with senior engineers, other team members and application owners to solve technical problems at the network, system and application levels.
- Conduct periodic architectural reviews of installed sensors to assess effectiveness and propose optimal installation alternatives as required.
- Conduct network security architecture reviews to determine the size, and placement of intrusion monitoring equipment during the customer onboarding process.
- Conduct periodic reviews of sensor metric reports to evaluate and prioritize sensors for review and assessment.
- Produce System Design documents, weekly and monthly reporting, and preparation and presentation of recommendations to the customer.
- Resolve Linux system errors and crashes, disk space problems, huge file system and full disk errors.
- Implementation and troubleshooting of Linux network services such as NFS, NTP, FTP, SSH, DNS, Sendmail,
- Configure LDAP server and LDAP client on Linux machines for authentication and authorization.
- Build new Linux Virtual Machines and physical servers using templates and ISOs.
- Create new Linux templates and apply STIGs using DISA guidelines.
- System administration and monitoring, file system management and disk management and creation of shell scripts for the automation of tasks and the extraction of logs.
- Hardware and software installations, upgrades, maintenance, security analysis and network performance and tuning of Linux servers in a virtual infrastructure.
- Installation, maintenance, and operation of Red Hat Satellite Server to manage RHEL server infrastructure.
- Support operations across multiple geographic locations.
- Develop solutions to complex technical issues.
- Provide follow-up reports (technical findings, feedback, resolution steps taken) for Root Cause analysis, engineering technical assessment and process improvement initiatives
Basic Qualifications
- The candidate shall have bachelor’s degree in Computer Science, Engineering, or related field and a minimum of 12 years of experience in system administration, database administration, network engineering, software engineering, or software development, with a concentration in cybersecurity
- At least one of the following certifications: CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX, Splunk Enterprise Certified Architect
- Experience installing, configuring, securing, and troubleshooting, RHEL, CentOS or Ubuntu Linux
- Extensive automation experience with PowerShell and Shell Scripting for automating Linux installs
- Experience mentoring junior personnel
- Extensive knowledge of DELL (Power Edge) and other Enterprise Servers
- Experience deploying and supporting IDPS
- Experience deploying and supporting Full Packet Capture systems
- Network experience and understanding with the following: TCP/IP, NIS, NFS, DNS, DHCP, FTP/TFTP, SSH, SFTP, ARP.
- Experience with storage tools such as NAS (NFS, SAMBA, RAID 0/1/5/6/10) and SAN (iSCSI, FiberChannel)
- Experience supporting Hyper Converged Infrastructure (HCI)
- Cloud and VMWare skills – Understanding of cloud terminology, architecture, and tools to include: installing, provisioning and monitoring
Preferred Qualifications
- Extensive knowledge of Ansible, Satellite, and VMWare ESXi/VCenter
- Experience working in AWS and Azure
- Experience with Suricata and Gigamon
- Experience developing in Bash, Python, YAML, PowerShell scripts
- Experience working in an Agile development environment.