Senior Security Engineer
Posted on: November 22, 2021
AccelerEd's values are at the core of everything we do, from our
ongoing relationships with clients and partners to our daily
interactions with team members across the organization. Adopting
these values is essential to supporting the company's objectives
and inspiring employees to new levels of productivity while helping
them achieve their professional goals. Our values include Act with
Integrity; Focus on Customers; Engage with Respect; Collaborate
Always; and Innovate with Passion. Please read more about these
values at the end of this document.Position Summary:The Senior
Security Engineer will be responsible for identifying potential
threats to the IT infrastructure, recommending enhancements
accordingly and implementing those technologies. The senior
security engineer provides support to ensure applicable information
protection policies, procedures, guidelines, best practices are
followed. Performs Security Risk Assessments (SRAs) and performs
compliance reviews to ensure applications and servers are operating
in accordance with established policies and procedures. Educates
stakeholders in the assessment process and lead both pre- and
- Serve as a security expert in network efforts, helping project
teams comply with enterprise and IT security policies, industry
regulations, and best practices.
- Lead and execute projects on our security roadmap.
- Adhere to existing risk management frameworks, such as COBIT,
ITIL, and ISO 27002.
- Manage incident response for network security events.
- Develop and maintain IT security policies.
- Research, design, and advocate new technologies, architectures,
and security products that will support security requirements for
the enterprise and its customers, business partners, and
- Support vulnerability assessments on various types of networks
- Execute risk and vulnerability assessments and remediation
- Analyze output from network vulnerability assessments,
recommend mitigation strategies and resolve any security incidents
through work with pertinent business departments.
- Review and provide feedback on security plans and procedures
regarding all aspects of LAN, WAN or MANs, as applicable;
- Review and provide input into network designs to ensure
compliance with security and enterprise architecture.
- Provide input and visibility into emerging security
technologies, deployment strategies and other security protocols to
ensure awareness within the IT security branch.
- Build/enhance security architecture and configure network to
enhance the security posture of the enterprise.
- Review in-house and 3rd-party applications/code for security
vulnerabilities and best practices.
- Participate in Software Development Lifecycle: code review, QA
security testing, launches, etc.
- Develop and/or implement automated security testing tools where
- Participate in the development of security-related tools and
applications, such as multi-platform cookie-based authentication
and internal security libraries/frameworks.
- Train engineers on common security problems and best practices
for writing secure code.
- Provide security input on overall software architecture.
- Performs hands-on testing of applications, as well as build and
enforce information risk management requirements and structure,
including providing practical secure architecture skills and
developing and implementing Information Security best
practices.MINIMUM QUALIFICATIONS, KNOWLEDGE, SKILLS, AND
ABILITIES:Formal Education & Certification
- Bachelor's degree in Information Technology, Computer Sciences
or equivalent. Master's degree desirable
- Possessing at least one professional security certification
such as CISSP, CISM, CISA or similar.Knowledge & Experience
- 10 years or more of professional experience with 7 or more
years in IT security including security policy development,
security architecture models, and information security regulatory
- Must have the knowledge of IT security technologies such as
firewalls, intrusion detections systems, antivirus, patch
management, etc., and the interest and experience to work on
security policy and architecture
- Hands-on experience with the following technologies: enterprise
system administration across multiple operating systems, IPS
management (i.e., Cisco ASA, Palo Alto), vulnerability scanning
- Experience in engineering and enterprise system administration
- Experience developing a standard set of metrics that measure
our security posture on a monthly/weekly basis.
- Proven experience developing security policies, procedures,
risk registers and incident response plans
- Intermediate to advanced knowledge of information security
- Experience with one or more applications development languages
such as Ruby on Rails, Java, C/C++, .NET.
- Solid knowledge of and experience with secure web
architectures, tools and processes
- Knowledge of network architecture and design, network Security,
wireless Security and client/server security. Very strong computer
networking skills and understanding of networking protocols.
- Security of virtual machine environments is highly
- Knowledge of vulnerability assessment/network discovery and
- Understands infrastructure monitoring
- Knowledge of securing Linux and Windows systems.
- Experience with various types of firewalls and
- Demonstrated process improvement experience
- Previous application development experience is very helpful for
secure code reviews
- Hands-on experience using multiple Amazon Web Services
technologies to support an enterprise environment.
- Prior experience as a team lead or role mentoring junior team
- Experience with threat detection and incident management for
web applications that deal with PISkills & AbilitiesBasic skills
- Secure solutions development
- Middleware security
- n-tier apps dev infrastructure
- Compliance - PCI, GLB, GLBA, CMMC. GDPR, etc.
- Risk management and security risk assessments
- Code review, reverse engineering
- API's and protocols
- Authentication and authorization. SSO (Single Sign On), MFA
(Multi- Factor Auth.).
- Enterprise aware (change control, downstream impacts,
understanding of cause and effect, change windows, etc.)
- Recognized as a strategic thinker and is results oriented
- Demonstrated effective strong team player and self-motivator.
Ability to work and interface internally with a IT and other
functional support groups with minimal guidance
- Demonstrated successful experience in a customer-facing
- Demonstrated communicator both written and verbal, with
effective presentation delivery and meeting facilitation
- Demonstrated effective time management, organizational and
- Good analytical and troubleshooting skills with strong
attention to detailTRAVEL REQUIREMENTS:Some travel may be required,
up to 10% of the time. The travel may be local or national and may
be by car, rail, or air.
Keywords: AccelerEd, Silver Spring , Senior Security Engineer, Engineering , Hyattsville, Maryland
Didn't find what you're looking for? Search again!