Security & Compliance Engineer

3 weeks ago


Maryland Line, United States Trapeze Group Full time
Job Summary:
We are seeking a skilled and knowledgeable Security and Compliance Engineer to join our information technology and security team. As a Security and Compliance Engineer, you will play a crucial role in maintaining and enhancing our security posture and ensuring compliance with various regulatory standards such as GDPR, CCPA, PCI-DSS, ISO 27001, etc. You will work closely with the Security Analyst as well as cross-functional teams to implement and monitor security measures, conduct regular audits, and ensure that all practices adhere to legal and regulatory requirements.

In this role, you will be responsible for designing, implementing, maintaining, informing, and enforcing the security, privacy, and compliance programs, systems, and controls of our organization to protect our data and network infrastructure. You will be tasked with identifying vulnerabilities, implementing security measures, and responding to security breaches. The Engineer will also serve as the subject matter expert (SME) regarding security, privacy, and compliance controls.

Our organization is committed to maintaining the highest standards of data security and privacy across our global operations. We are dedicated to implementing and overseeing robust security measures in line with international compliance standards.

Job Description:

Core Responsibilities

Strategy & Planning
  • Develop and implement comprehensive security strategies and policies in alignment with and leading to ISO 27001, SOC2, and PCI certification
  • Perform and manage governance, risk, and compliance (GRC) assessments
  • Manage security certifications and compliance documentation
  • Alert management to emerging trends in security incidents and threats
  • Formulate and update security, privacy, and compliance standards, policies, and best practices according to evolving industry standards; stay informed on the latest security trends, threats, and technologies
  • Inform decisions throughout the organization in matters regarding security, privacy, and compliance; work with appropriate leadership to establish enforcement guidelines and procedures
Acquisition & Deployment
  • Participate in and administer the selection and acquisition of security tools and technologies
Operational Management
  • Assess and improve existing security measures and capabilities including but not limited to vulnerability management, incident management, BCP, endpoint protection, firewalls, and intrusion detection systems
  • Assist in monitoring of network traffic for unusual activity and potential threats and take appropriate measures to counteract these threats
  • Conduct regular security audits and risk assessments and recommend enhancements to management
  • Collaborate with other departments to establish security best practices, vulnerability resolution, and ensure compliance with security regulations; act as liaison between IT, legal, and other departments to integrate security and compliance measures seamlessly into business processes
  • Lead incident response efforts, including investigation and mitigation of security breaches or incidents
  • Implement and manage security awareness training programs across the organization and provide guidance on security best practices to staff
  • Oversee the installation and management of security software and hardware
  • Coordinate with vendors and third-party service providers to secure network and information systems
  • Identify, implement, and manage robust, industry-standard compliance processes and controls to ensure compliance with CCPA and GDPR
  • Drive R&D and engineering processes with security measures and process improvements
  • Lead and manage the implementation and operation of SAST and DAST across the organization's products
  • Lead and manage the implementation and operations of vulnerability management across information systems and application systems
  • Serve as the primary point of contact for security incident management
  • Escalate problems and incidents with accurate documentation to suitable stakeholders, when required
  • Maintain all security, privacy, and compliance documentation including policies, best practices, guidelines, and reporting KPIs
What You Bring to the Role

Education
  • BA/BS in Computer Science, Computer Information Systems, Management Information Systems, Cybersecurity, or related field
  • Relevant certifications such as CISSP, Security+, CISA, CISM, CEH, CIPP, CIPT are preferred
Knowledge
  • 5+ years' professional experience in a similar role or a role involving security/privacy compliance
  • Experience with security, privacy, compliance, and IT audits including GRC implementation and management
  • Experience and knowledge of ISO 27001, SOC2, and PCI certification, along with security frameworks and compliance including NIST, GDPR, and CCPA
  • Experience articulating security standards and processes in response to RFP and government questionnaires
  • Experience supporting R&D and engineering teams with penetration and vulnerability assessment and resolution management including implementation of secure SDLC
  • Experience building policies and procedures for mid-large businesses to reach required security certifications and/or compliance
  • Knowledge and experience with security tools and technologies similar to, but not limited to, Rapid7, SecurityScorecard, Invicti, CrowdStrike, and/or KnowBe4
  • Proficiency designing and enforcing security standards, processes, and guidelines
Skills and Abilities
  • Demonstrated ability to work independently with general guidelines and little supervision; solutions-driven with a focus on delivering the right outcomes for a secure business
  • Ability to conduct research into a wide range of computing issues as required
  • Highly self-motivated with an attention to detail and an aptitude to learn; ability to absorb and retain information quickly
  • Experience working in a team-oriented, collaborative environment; demonstrated mature and professional approach to work with an ability to instill a high level of confidence with others
  • Excellent troubleshooting and problem-solving skills within a multi-faceted environment
  • A cooperative approach to "go the extra mile" to achieve results
  • Exceptional customer service skills and the ability to handle stressful situations
  • Effective written and oral communication skills and interpersonal skills in dealings with team members and other stakeholders
  • Superior command of written English with a demonstrated ability to produce quality documentation
  • Ability to manage simultaneous projects and respond to change effectively


Work Environment

We are a hybrid-remote workplace combining in-office and remote work to varying degrees based on role requirements and employee location. This position may involve occasional travel within North America.

This position may require the ability to participate in an on-call roster rotation and flexibility regarding varied work hours required to address outages.

Worker Type:
Regular

Number of Openings Available:
1