Skip to content
Baseline Security Engineer – Lead
| Company | Booz Allen |
|---|
| Location | Washington, DC, USA |
|---|
| Salary | $99000 – $225000 |
|---|
| Type | Full-Time |
|---|
| Degrees | Bachelor’s |
|---|
| Experience Level | Senior |
|---|
Requirements
- 5+ Years of experience providing support to Information Technology (IT) operations
- Experience creating security baselines using CIS and STIGs
- Experience creating security baselines from scratch using vendor documentation
- Experience with modifying CIS and STIG benchmarks to meet organizational requirements
- Experience working with the NIST 800 Special Publication series guidance for risk management and security control implementation, including 800-30,800-37, 800-53, 800-60, 800-63, 800-115, or 800-137
- Experience reviewing, developing, or customizing general security configuration baselines
- Knowledge of the National Vulnerability Database (NVD) and Common Vulnerability Enumeration (CVE)
- Ability to translate the low-level security baseline requirements into high-level FISMA and NIST requirements and client-specific security
- Ability to obtain a Public Trust
- HS diploma or GED
Responsibilities
- Develop and implement security solutions in alignment with security strategy
- Maintain an awareness of market and technology trends to bring best of breed solutions to the client
- Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts
- Work on unusually complex problems and provide highly innovative solutions
- Operate with substantial latitude for unreviewed action or decision and mentor or supervise employees in both company and technical competencies
- Work closely with government stakeholders in understanding the vision and direction of the information technology program and decompose this architecture and associated use cases into discrete components that can be addressed from a cybersecurity engineering standpoint
- Understand proposed and in-place architectures at a level that enables the identification and understanding of possible security risks and propose solutions for risk mitigation
Preferred Qualifications
- Experience with networking, including CISCO, Juniper, or Palo Alto, operating systems, including Windows Server, Red Hat, or Linux, cloud services, including AWS, Azure, Salesforce, Okta, O365, or ServiceNow, or Mobile Technologies, including iOS or Xen Mobile
- Experience designing, building, and implementing automation tools, including Ansible, Chef, or Puppet
- Experience with Infrastructure as Code tools, including Cloud Formations or Terraform
- Experience with container platforms, including OpenShift
- Experience with chaos engineering and blue or green deployments
- Experience with Serverless, including Lambda, API Gateway, Step Functions, and SAM
- Experience with application performance analysis and monitoring, including ELK
- Experience with JSON or YMAL programming
- Bachelor’s degree
- AWS Certified Solutions Architect, AWS Certified Developer, CCNA, MSCE, RHCSA, EBSA, or ECSS Certification
