Security Engineer

3 weeks ago

Washington, United States Municipal Securities Rulemaking Board Full time

The MSRB is looking for a committed and driven Information Security Engineer with a broad understanding and appreciation of multiple security domains, and deep expertise in at least one.

We expect our team members to demonstrate technical proficiency as well as strong communication and collaboration abilities. The Security Engineer will contribute directly to hands-on, operational processes and will be empowered to proactively drive change at the program and organizational level. Candidates should demonstrate knowledge and understanding of Information Security principles, frameworks, and concepts along with excellent communications skills and a desire to learn and grow.

The Information Security Engineer is responsible for securing the MSRB by supporting existing controls and processes and through leading efforts to continually improve security across multiple dimensions and domains, including MSRB Web Applications, Cloud environments, networks, SaaS platforms, and enterprise systems. The engineer will support operational security processes as a key escalation point and by directly triaging a portion of our security alerts, phishing reports, vulnerabilities, and end-user requests. We expect the Engineer to work effectively with internal stakeholders, including the information security team, MSRB leadership, developers, system, database, and network administrators, and with external vendors including Cloud Service Providers and Managed Security Providers.

The Engineer will be responsible for proactively improving security by identifying and implementing new tools and controls, enhancing existing controls, and monitoring the evolving threat environment to make informed recommendations and changes.

Essential Duties and Responsibilities:

  1. Operational Oversight and Support:
  2. Serve as a key escalation point within the security team, providing guidance for effective resolution.
  3. Directly triage and respond to security alerts, phishing reports, and end-user requests on a regular basis.
  4. Identify and resolve issues in MSRB controls, systems, and applications.
  5. Lead and support maintenance and troubleshooting activities for the Information Security program.
  6. Lead and support vulnerability management processes, such as scanning, assessments, penetration testing, and remediation efforts.
  1. Architectural Excellence and Resilience:
  2. Design and implement robust security measures, including for web applications, cloud infrastructure, and enterprise systems.
  3. Effectively identify and resolve issues in web applications using web application code security tools and by working proactively with developers.
  4. Identify and implement best practices to secure web applications against potential threats.
  5. Provide risk-based recommendations for improving new and existing architectures.
  6. Monitor for and ensure compliance with relevant regulations, standards, organizational policies, and best practices, including cloud standards and best practices.
  1. Continuous Improvement and Attack Surface Reduction:
  2. Proactively monitor and understand the evolving threat environment and cybersecurity developments.
  3. Ensure that the MSRB adapts to the changing security landscape, making informed recommendations for adjustments to configurations, security controls, and technology platforms.
  4. Identify and implement new security tools and controls to enhance the organization's security posture.
  5. Build and improve custom detections in anti-malware and SIEM platforms.
  6. Automate controls and processes where possible.
  1. Enterprise Security:
  2. Apply expertise in enterprise security, including networking and security measures for systems in physical offices, end-user laptops, conference room computers, etc.
  3. Identify configuration issues and improvement opportunities.
  4. Lead and assist defense-in-depth efforts.
  5. Review and improve security-related SaaS configurations.
  6. Lead Identity and Access Management efforts.
  1. Collaboration, Coordination, and Incident Response:
  2. Lead incident response efforts, coordinating with cross-functional teams for swift and effective resolution.
  3. Improve the MSRB Incident Response plan and lead other efforts to improve readiness, including by supporting cybersecurity tabletop exercises.
  4. Regularly engage with key MSRB vendors, including the Managed Security Service Provider (MSSP).
  5. Monitor, understand, and adapt to the evolving threat environment and cybersecurity developments, making informed recommendations for adjustments to configurations, security controls, and technology platforms.
  1. Security Policy and Processes:
  2. Develop and maintain comprehensive security policies and procedures.
  3. Design, document, implement, maintain, and report on security controls, processes, requirements, standards, and guidance.
  4. Monitor and ensure compliance with security policies and procedures across the organization.
  1. Communication, Education, and Security Awareness:
  2. Assist with selection and management of security awareness courses, simulated phishing campaigns, and other routine education exercises.
  3. Conduct security awareness training sessions for employees.
  4. Communicate security policies and best practices to end-users, fostering a security-conscious culture.
  5. Evaluate emerging technologies and educate staff on associated risks and benefits.

Qualified candidates will possess expertise in enterprise security, including detection and detection engineering, incident response, Identity and Access Management (IAM), networking and endpoint security, is desirable. We welcome candidates with strong Cloud or application security backgrounds with a willingness to develop expertise in additional security specialties.

They will also have the following capabilities:

  • Critical Thinking
  • Good Judgment
  • Initiative
  • Collaborative Spirit
  • Influence

We are proud to be a collaborative organization that values diversity, equity and inclusion. We offer comprehensive benefits that support our employees overall mental and physical health and wellness. We aim to empower our employees with the resources they need to achieve a successful work-life integration.

A resume must be attached for full consideration. All applicants must demonstrate their ability to work in the U.S. without current or future employer sponsorship. No exceptions will be made.

by Jobble

  • Senior Cyber Security Engineer

    2 weeks ago

    Washington, United States Iron Vine Security Full time

    Job Requirements: · Strong written and verbal communication skills. · Experience designing, implementing, and maintaining IT security systems to protect digital assets from malicious cyber-attacks. · Experience developing and implementing an annual Incident Response Training and Testing Program · Experience implementing, configuring, and...

  • Security Engineer

    3 weeks ago

    Washington, United States ARK Solutions, Inc. Full time

    CLIENT: Federal Position : Security Engineer/ Splunk Engineer 6 months ContractWashington, DC (Onsite)Education: Bachelor’s degree in in Cybersecurity or related field. Required Skills: "Five (5) to seven (7) years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto,...

  • Security Engineer

    3 weeks ago

    Washington, United States ARK Solutions, Inc. Full time

    CLIENT: Federal Position : Security Engineer/ Splunk Engineer 6 months ContractWashington, DC (Onsite)Education: Bachelor’s degree in in Cybersecurity or related field. Required Skills: "Five (5) to seven (7) years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto,...

  • Security Engineer/ISSE

    3 weeks ago

    Washington, United States Technica Full time

    Overview: At Technica Corporation, our goal is to provide exceptional professional services and innovative technology solutions that meet or exceed our customers expectations. We specialize in a wide range of advanced information technology solutions from Systems Engineering to Information Assurance, and from Software Development to Product Solutions. From...

  • Security Engineer III

    1 week ago

    Washington, United States Ampcus Full time

    Overview: The Security Engineer III will evaluate, implement, maintain, and monitor IT security measures utilized by ****. The individual in this position is responsible for reviewing both new and existing applications for security vulnerabilities and compliance. Responsibilities: • nalyze, build, and maintain Security Operations toolsets, including...

  • Security Engineer

    1 week ago

    Washington, United States Verotis Full time

    Verotis is seeking an experienced Security Engineer to support security operations, strategy, planning, architecture, vulnerability assessments and remediation, and coordination with various government security entities. This includes the documentation of security strategy, planning, architecture, implementation and operation of a wide range of security...

  • Security System Engineer

    3 weeks ago

    Washington, United States VISTRADA Full time

    Job DescriptionJob DescriptionJob Posting: Security System Engineer (Junior/Intermediate/Senior Level)Vistrada is currently seeking highly skilled and motivated Security System Engineers to join our esteemed team. As a Security System Engineer, you will play a crucial role in identifying and mitigating vulnerabilities, ensuring the secure integration and...

  • Software Engineer

    8 hours ago

    Washington, United States Space Exploration Technologies Corporation Full time

    SpaceX is hiring a Software Engineer to join our Security Engineering team which owns the custom security software, tools, and systems that protect against threats to our rockets (Falcon and Starship) and the network and technology utilized by our as Software Engineer, Security, Software, Engineer, Security Engineer, Systems

  • Security Engineer

    1 week ago

    Washington, United States Tammina Full time

    Description The security engineering position provides support to a Security Operation Center of a federal agency. Ideal candidate will have comprehensive knowledge of Windows and UNIX-based system administration, network management and enterprise systems management and the ability to and maintain Linux-based operating systems as well as IDS/IPS, log...

  • Security Engineer

    2 days ago

    Washington, United States Tammina Full time

    Description The security engineering position provides support to a Security Operation Center of a federal agency. Ideal candidate will have comprehensive knowledge of Windows and UNIX-based system administration, network management and enterprise systems management and the ability to and maintain Linux-based operating systems as well as IDS/IPS, log...

  • Senior Application Security Engineer

    1 week ago

    Washington, United States SourcePro Search Full time

    SourcePro Search is conducting a search for an experienced Senior Application Security Engineer in Washington, DC. The ideal candidate will serve as subject matter expert integrating secure design for applications and services within the system development lifecycle. This position collaborates with business units, project management, and engineering teams...

  • Senior Application Security Engineer

    3 weeks ago

    Washington, United States SourcePro Search Full time

    SourcePro Search is conducting a search for an experienced Senior Application Security Engineer in Washington, DC. The ideal candidate will serve as subject matter expert integrating secure design for applications and services within the system development lifecycle. This position collaborates with business units, project management, and engineering teams...

  • Senior Security Engineer

    3 weeks ago

    Washington, United States 3M Consultancy Full time

    Job DescriptionJob DescriptionThis is a remote position. Job Title: Senior Security Engineer. Location: Washington, DC (Remote) Duration: Full-Time. Role Specific Duties: Provide network IDS monitoring, cyber threat intelligence, security log analysis and forensics, and web application security scanning and analysis. Protect users by performing internal...

  • Security Cloud Engineer

    3 weeks ago

    Washington, United States Serigor Inc. Full time

    Job DescriptionJob DescriptionJob Title: Security Cloud Engineer (Remote)Location: Washington, DCDuration: 12 Months+Job Description:The client is seeking a qualified and experienced Security Cloud Engineer to enhance and manage the organization's cybersecurity posture. The selected candidate will play a crucial role in safeguarding sensitive data,\...

  • Security Cloud Engineer

    1 week ago

    Washington, United States Serigor Inc Full time

    Job Title: Security Cloud Engineer (Remote) Location: Washington, DC Duration: 12 Months+ Job Description: The client is seeking a qualified and experienced Security Cloud Engineer to enhance and manage the organization's cybersecurity posture. The selected candidate will play a crucial role in safeguarding sensitive data,\ ensuring compliance with...

  • Security Cloud Engineer

    2 days ago

    Washington, United States Serigor Inc Full time

    Job Title: Security Cloud Engineer (Remote) Location: Washington, DC Duration: 12 Months+ Job Description: The client is seeking a qualified and experienced Security Cloud Engineer to enhance and manage the organization's cybersecurity posture. The selected candidate will play a crucial role in safeguarding sensitive data,\ ensuring compliance with...

  • Security Engineer/ Splunk Engineer

    1 week ago

    Washington, United States Ark Solutions Full time

    Role: Security Engineer/ Splunk Engineer Washington, DC (Onsite) 4-6 months Contract Education: Bachelor's degree in in Cybersecurity or related field. Required Skills: "Five (5) to seven (7) years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Cisco...

  • Security Engineer/ Splunk Engineer

    2 days ago

    Washington, United States Ark Solutions Full time

    Role: Security Engineer/ Splunk Engineer Washington, DC (Onsite) 4-6 months Contract Education: Bachelor's degree in in Cybersecurity or related field. Required Skills: "Five (5) to seven (7) years of hands-on experience with security monitoring tools such as IDS/IPS, FWs and NACs and protocols such as NetFlow (Snort, Bro, Palo Alto, Checkpoint, Cisco...

  • Senior Network Security Engineer

    4 weeks ago

    Washington, United States Latitude, Inc. Full time

    Job DescriptionJob DescriptionNew Job Opportunity - Senior Network Security Engineer:New and exciting job opportunity with a client based out of Washington, DC. Looking to hire an experienced Sr. Network Security Engineer with at least 8 years of prior related professional experience (High level Network Security Engineer / Cybersecurity support experience)....

  • Security Splunk Architect/Engineer

    1 week ago

    Washington, United States Node.Digital Full time

    Security Splunk Architect/Engineer Location: Washington DC metro area (Hybrid) Must have an active Secret OR Top Secret Clearance We are seeking a Security Splunk Architect/Engineer to support a Navy enterprise network within the Engineering and Cyber Divisions. The candidate's primary responsibility is to maintain and enhance the existing Splunk...