Security Systems Engineer
Apply on
Who we are:
ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a work hard, play hard mentality and celebrates individual and company successes. We are passionate about our mission and going above and beyond to deliver for our customers. We are equally passionate about an environment that supports creativity, accountability, diversity, inclusion, and a focus on giving back to our community.
The Perks:
As recognized members of the Cyber Elite, we work together in partnership to defend our nation s critical infrastructure while building meaningful and exciting career development opportunities in a culture tailored to the individual technical and professional growth. We are committed to the belief that our team members do their best work when they are happy and well cared for. In support of this philosophy, we offer a comprehensive benefits package, including major carriers for health care providers. Highlighted benefits offered: 18 days of PTO, 11 holidays, 80% of insurance premium covered, 401k, continued education, certifications maintenance and reimbursement, etc.
Who we re looking for:
We are seeking an Security Systems Engineer with a strong background in assessing, implementing, securing, and administering dedicated cyber defense software within the federal market. The ideal candidate will be skilled in designing and maintaining robust security configurations and architectures across various cybersecurity technologies. The Security Systems Engineer role includes applying and managing Azure Policy to enforce security compliance and identify potential risks across cloud resources. This is a unique opportunity to shape the growth, development, and culture of an exciting and fast-growing company in the cybersecurity market.
What you ll be doing:
- Create, assess, and update system/application security configuration baselines by defining, establishing, and validating systems' compliance with security baselines.
- Design, develop, test, and evaluate information system security throughout the system development life cycle.
- Implement and update system security measures that ensure confidentiality, integrity, availability, authentication, and non-repudiation.
- Develop risk mitigation strategies to address vulnerabilities and recommend necessary security changes.
- Conduct security reviews to identify security gaps in system architecture.
- Perform risk analysis (threat, vulnerability, and probability assessments) when systems or applications undergo major changes.
- Identify and resolve conflicts in the implementation of cyber defense tools, including tool configurations, policies, and signature optimization.
- Implement Risk Management Framework (RMF)/Security Assessment and Authorization (SA&A) requirements for dedicated cyber defense systems and maintain relevant documentation.
- Access Azure subscriptions to apply Azure Policies at the management group, subscription, or resource group level to enforce security rules and ensure compliance with the Agency Hardening Guide.
- Monitor resource configurations to identify potential security risks through policy evaluations.
- Collaborate with various teams to maintain and update deployed Azure Policies as changes are made to the Agency Hardening Guide.
What you need to know:
- Experience developing and deploying critical security architecture solutions and hardening guides across technologies, such as firewalls, Web Application Firewalls (WAFs), CASB/SASE, proxies, Network Security Groups (NSGs), and other cybersecurity solutions.
- Intermediate knowledge of network and host-based firewalls, intrusion detection/prevention systems, vulnerability scanning, anti-malware protection, secure data transmission technologies, and network monitoring/protection solutions.
- Familiarity with multiple cybersecurity tools, including Configuration Assessment, Log Aggregation, Integrity Verification, Network Access Control System, and Endpoint Security Solutions.
- Working knowledge of cloud security, application security, network security, and disaster recovery.
- Strong written and verbal technical communication skills.
- Proven ability to develop effective working relationships that improve the quality of work products.
- Ability to maintain focus and develop proficiency in new skills rapidly.
- Excellent organizational skills with the ability to handle competing priorities.
- Ability to thrive in a fast-paced environment, manage multiple tasks simultaneously, coordinate resources, and ensure scheduled goals are met.
- Strong problem-solving skills, with the ability to seek out data and evaluate solutions effectively.
Must have s:
- Bachelor s degree in Cybersecurity, Computer Science, Information Systems, Mathematics, Engineering or a related field.
- 7+ years of relevant cybersecurity experience.
- Demonstrated ability to apply critical thinking to develop undefined tasks into actionable processes and work streams.
- Experience implementing and managing Azure Policies to enforce security compliance and evaluate risks.
- This position requires U.S. citizenship in compliance with federal contract requirements.
Beneficial to have the following:
- Ability to provide guidance on Enterprise Logging configurations for endpoint security technologies, firewalls, routers, switches, and CTEM monitoring applications.
- Experience analyzing audit results and working with stakeholders to resolve vulnerabilities and document exceptions.
- Strong ability to develop partnerships across IT functions where they intersect with security.
- Knowledge of modern software development and deployment practices, including unit testing, CI/CD (continuous integration/continuous deployment).
- Relevant industry certification.
Where it s done:
- Remote (Herndon, VA).
