Senior Security Engineer

Dark Wolf Solutions is looking for a Senior Security Engineer to join our team. The successful candidate will be responsible for implementing and maintaining robust security measures for our organization's systems and networks. You will work closely with cross-functional teams to ensure compliance with Security Technical Implementation Guides (STIGs), adhere to cloud security best practices, and promote a culture of security through the implementation of DevSecOps principles. This position is expected to be supported primarily remotely, with one day per week in Sterling, VA Key responsibilities include:

• Implementing and managing security measures for systems and networks, ensuring compliance with STIGs (Security Technical Implementation Guides) and other relevant security standards.
• Conducting vulnerability assessments and penetration testing to identify and address potential security risks.
• Collaborating with accreditation, development and operations teams to integrate security into the software development lifecycle (SDLC) and promote the principles of DevSecOps.
• Designing and implementing security controls for cloud-based infrastructure, leveraging best practices for cloud security.
• Monitoring and responding to security incidents, conduct forensic analysis, and implementing remediation measures to address vulnerabilities and threats.
• Providing guidance and support to development teams regarding secure coding practices and secure configuration management.
• Staying up to date with the latest cybersecurity trends, vulnerabilities, and best practices, and applying them to enhance the organization's security posture.
• Collaborating with stakeholders to develop and maintain security policies, procedures, and guidelines.
• Participating in the evaluation and selection of security technologies, tools, and services to enhance the organization's security capabilities.
• Conducting security awareness training and promoting a culture of security among employees.

Required Qualifications:

• Bachelor's degree in Computer Science, Information Security, or a related field
• 5+ years of proven experience as a Cybersecurity Systems Engineer or a similar role, with a focus on implementing security measures in complex IT environments
• Strong knowledge of STIGs and experience with their implementation
• Deep understanding of cloud security best practices and experience securing cloud-based infrastructure, particularly AWS
• Familiarity with DevSecOps principles and experience integrating security into the software development lifecycle (SDLC)
• Experience with vulnerability assessments, penetration testing, and security incident response
• Solid understanding of networking concepts, operating systems, and common security technologies (firewalls, intrusion detection/prevention systems, etc.)
• Strong analytical and problem-solving skills, with the ability to think critically and make sound decisions in a fast-paced environment and collaborate effectively with cross-functional teams and stakeholders
• Experience working with commercial and open source security tools
• US Citizenship and an active DoD Secret security clearance or higher

Desired Qualifications:

• Relevant certifications (e.g., CISSP, CEH, CISM) are highly desirable.
• Experience with DoD FedRAMP authorized cloud platforms such as AWS GovCloud and Azure Government
• Knowledge of the Risk Management Framework (RMF) accreditation process and security requirements
• Working knowledge and experience using SIEM tools (e.g., Splunk, SolarWinds, etc.)
• Experience implementing and using AV/XDR tools (e.g., McAfee, Sophos, etc.)