Security Engineer, SME (IMC00762)

This position will support and provide expertise to a successful cybersecurity and privacy program for a government customer, and be responsible for designing, implementing, and maintaining secure systems and networks. This role will work closely with cross-functional teams, including IT, network engineering, and cybersecurity, to ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks. 

Work Location: Hybrid work requirement, with a minimum of one day required onsite in Washington, DC, and the balance of the week performed remotely, based upon the needs and directions of the customer. 

Essential Duties and Responsibilities: This position will include, but is not limited to, the following tasks:

• Understand cloud networking and develop cloud technologies from a zero-trust perspective.
• Build and configure Kubernetes clusters (EKS) in alignment with security best practices.
• Develop GitOps processes leveraging Flux CD, creating security configurations for application and improvements to current designs.
• Administer and improve the security pipeline for SAST, DAST, vulnerability, compliance checks, and overall strategy of deployment.
• Assist with configuration and design of APP Mesh and micro-service design from a security perspective.
• Containerize security tools to streamline operations and enhance security measures. 
• Collaborate within Agile development teams, to automate deployment, monitoring, and infrastructure management in a cloud environment.
• Build and configure delivery environments supporting CD/CD tools, leveraging Agile methodologies.
• Create scripts and/or templates to automate and/or bootstrap infrastructure provisioning and management tasks.
• Troubleshoot, repair, and upgrade security tool implementations, performing root cause analysis.
• Configure existing technologies to resolve operational issues and drive automation.
• Conduct research and analysis to support program expansion and area of responsibility.
• Apply expertise to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.
• Perform analysis of security features within system architectures.
• Provide knowledge and guidance in following NIST, FISMA, Agency Information Security and Privacy, and Cloud Guidelines.

Basic Required Qualifications and Skills:  Note: These are mandatory items that all candidates must have when submitting an application to IMC for this position. Please ensure that your submission addresses each of these required items. Candidates without these required elements will not be considered.

• Bachelor's degree in business, information technology, or related field of study.
  • 10 years of experience in computer security may substitute for a degree.
• 7+ years of experience in cybersecurity. 
• At start date, must possess one of the following professional certifications in ACTIVE status. (Similar level certifications considered on a case-by-case basis). 
  • CISM, CISSP, GSLC, CEH, LPT, CPT 
• Experience demonstrating strong analytical, troubleshooting, and problem-solving skills for cybersecurity. 
• Excellent written, and verbal communication skills. 
• Knowledge of NIST Cybersecurity, Privacy and Risk Management frameworks, and associated requirements (NIST SP 800-53 Rev 5, ISO27001, HIPPA, SOX, PCI).
• Knowledge/experience with the majority of the following focus areas:
  • Zero Trust
  • Cyber program analysis
  • Cyber development, engineering, and architecture
  • Cyber Risk Management
  • DevSecOps Engineering
  • Linux Engineering
  • Kubernetes
  • Ansible
  • OS/APP/Database Hardening
  • Certificates and PKI Experience Windows/Linux Engineering 
  • Experience with Scripting
    • Perl, Go, Groovy, Helm, Bash, Python, and PowerShell
• Knowledge/experience with the majority of the following tools/applications:
  • Experience with Vulnerability detection and Management technologies
  • Tenable Nessus /SC
  • AWS Inspector
  • CrowdStrike Spotlight
  • BurpSuite (Front End)
  • GitLab CI
  • App Mesh (Istio) 
  • OPA and Kubescan
  • Terraform
  • Prometheus
  • GitOps
  • Automating CI/CD pipelines
• Pursuant to a government contract, this specific position requires U.S. Citizenship.
• Must possess or be able to obtain a federal background investigation of Tier 4 Critical High-Risk Public Trust (Form SF 85P).

Desired Qualifications and Skills: It is desirable that the candidate have the following qualifications:

• AWS Certified Architect 
• Pen Testing experience
• Splunk Engineer
• Crafting and authoring cyber policy
• Cloud Certification (CCSK, AWS, Azure, CompTIA Cloud+, CCSP, etc.)

Salary and Benefits Information: Please see the salary information listed at the beginning of this document, which is not a guarantee of compensation or salary. All salaries will be based on relevant experience, geographic location, and position and/or contractual requirements, which could fall outside of the listed range. For more information about IMC’s benefits, please visit our website at https://www.imcva.com/about-imc/careers.