Lead Security Operations Engineer - Reston, United States - Qbase

    Qbase
    Description
    Lead Security Engineer


    Clearance:
    Must be able to obtain a US Security Clearance (Requires US Citizenship)


    Location:
    Reston, VA (Hybrid)


    Description:
    Finch AI is seeking a Lead Security Engineer to lead our security initiatives and ensure the protection of our assets, including our cloud-based systems, software development, and production environment.

    The ideal candidate will have a strong understanding of AWS Cloud security, as well as experience working with development teams to write secure code and maintain a secure environment.


    Responsibilities:


    With concurrence of the development and operations managers, formulates the approach for the design, test, and implementation of secure code, operating systems, networks, software development environments, as well as monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, and data loss prevention actions.

    Identifies security risks, threats and vulnerabilities of networks, systems, applications, and new technology initiatives.

    Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus and anti-malware systems and software deployment security tools, including security testing tools.

    Reacts to and initiates corrective action regarding security violations, attempts to gain unauthorized access, malware incidents, virus infections, and other events affecting security.

    Develops technical and programmatic assessments, evaluates engineering and integration initiatives, and provides technical support to assess security policies, standards, and guidelines.

    Develops, implements, enforces, and communicates security policies and/or plans for data, software applications, hardware, and telecommunications.

    Research, evaluate and recommend new security tools, techniques, and technologies and introduce them to the enterprise in alignment with IT security strategy.

    Provides complex technical oversight and enforcement of security directives, orders, standards, plans and procedures.

    Assesses the impact on the business or customers caused by potential or realized security incidents, and reports to senior management.

    Conducts risk and vulnerability assessment at the system and application level.
    Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.

    Remains current with trends in security technologies, processes, and methods that can improve the Customer IT infrastructure security posture, the efficiency and effectiveness of security operations, and the quality of security services provided, and advises the Customer accordingly.


    Knowledge and skills:
    Ability to prepare management, business, technical, and personnel reports, reviews, and documents for internal and external use.
    Previous experience working with software development.

    Understanding of, and experience applying, industry security policies, regulations, guidelines, and security compliance frameworks such as NIST RMF, NIST 800-53, FISMA 27001, CMMC, and CIS Critical Security Controls.

    Knowledge of change control and change management process, project management, Enterprise Architecture frameworks, SDLC and Agile.

    Knowledge of key security capabilities such as e-forensics, logging/SIEM, risk management, PKI, IPsec, vulnerability management, A&A, continuous monitoring, disaster recovery, network and endpoint security.
    Experience conducting analysis and providing recommendations on new or existing security capabilities.
    Good communication and presentation skills at all organization levels.
    Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists.
    Experience working with AWS cloud security services.
    Experience working with relevant operating system security.
    Experience working with cloud-based firewalls, security services, network scanning, and intrusion detection (CrowdStrike and AWS Inspector).

    Strong analytical and problem-solving skills to troubleshoot and resolve security issues.
    Ability to perform and interpret vulnerability assessments.
    Ability to administer the operations of a security infrastructure.
    Ability to balance and prioritize work and the work of team members based on business priorities.


    Experience:

    CISSP, Security+ or equivalent certification.
    At least ten (10) years of hands-on experience in work similar to that being supervised.


    Leveraged tools:

    Snyk
    SonarQube
    CrowdStrike
    AWS tools: GuardDuty, Trusted Advisor, Inspector, WAF
    Mimecast
    SIEM - Splunk is preferred

    Education:
    BS degree in Computer Science, or other IT related fields, Cyber, or Information Assurance or equivalent experience


    ABOUT FINCH AI


    Finch AI is a fast-growing, fast-paced software development organization; our mission is to build new ways of interacting with information.

    We do that by leveraging game-changing intellectual property, cloud infrastructure expertise, and a staff that is second to none. Together, we build and support products that address complex, real-time data and analytics needs in the enterprise.


    Our teams are comprised of successful people that enjoy solving problems, engaging in substantive technical discussions and have passion for their work.

    We have very high expectations in terms of skill, motivation, self-organization and productivity.

    We look for people who excel working in groups, virtual and collocated, as well as those who are comfortable with fast paced agile development.

    Finch AI is an equal opportunity employer.