Senior Information Security Engineer
Role details
Job location
Tech stack
Job description
Lead the delivery of the cybersecurity framework for a large-scale secure implementation supporting a growing and expanding business. Working in a secure environment, this role is focused on securing and protecting the application and data and implementing United States Government standards. This individual is the primary focal point for working with security auditors and key stakeholders, providing the necessary information. This role works closely with other infrastructure, network, and database engineers to support the maintenance, upgrades, and implementation of network security applications and hardware.
Essential Functions and Duties:
-
Install, configure, and maintain Security Event Information Management (SEIM) across Linux and Windows environments.
-
Security tool implementation and performance Continuous Monitoring: Tenable or other Vulnerability Scanning and Management tool; Log Files Management; IDMS tools; Anti-virus, Firewall: (e.g., Wazuh, Trellix EPO, Solarwinds, Tenable), and Penetration testing. , * Evaluate security infrastructure tools/architecture for improvements and adaption to changing government standards.
-
Assistance with configuration and validation of DISA Security Technical Implementation Guidelines (DISA) and identification of exceptions with mitigations
-
Establishes, maintains, and monitors all security policies and access rules defining specific access to network, files, and database management systems according to the System Security Plan.
-
Identifies potential Security Incidents and participation in Security Incident Response planning and execution. Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
-
Stay current on emerging technologies and threats and proactively assess and evaluate their adoption into the organization.
-
Perform COMSEC Manager role and work with FSO and infrastructure team on implementing key security practices required to maintain the secure facility.
-
Advise management (e.g., CIO) on risk levels and security posture.
-
Be able to work independently in a secure space where access to fellow security engineers is limited.
Requirements
-
Knowledge of cybersecurity principles.
-
Knowledge of computer networking concepts and protocols, and network security methodologies
-
Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Secure Hash Algorithm [SHA])
-
Key Management implementation and maintenance experience
-
Detailed understanding of virtualized platforms, Linux, and Windows use and administration, and applicable security vulnerabilities and controls
-
Detailed understanding of the web, application, and database architectures and applicable security vulnerabilities and controls ,Experience:
-
DoD Risk Management Framework (RMF) knowledge, NIST SP 800-53, and NIST SP 800-171 experience
-
Experience with FedRAMP/DISA reporting and compliance
-
Demonstrated experience building and managing vulnerability management programs from vulnerability discovery processes to remediation and validation
Minimum Qualifications:
-
The applicant should currently hold and be able to maintain a US security clearance at the Secret level
-
Ability to work on-site in the Atlanta Office for the majority of working hours and on-call support as needed
-
5+ years proven experience and demonstrated success in technology roles with emphasis on vulnerability management, information security and a strong technical background
-
Strong oral and written communication capability. Clearly communicate complex ideas into simple terms for key stakeholders.
-
Currently possess or ability to obtain DoD 8570.01 Base Line certification (e.g. CAP CCNA Security - CISCO, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP) IAM Level II & IAT Level II.
Benefits & conditions
At PTC, we believe in the power of diverse ideas and perspectives. As a global company that values and respects all identities, cultures, and perspectives, we strive to create an inclusive PTC for ALL through an environment where everyone feels like they belong and are empowered to bring their true, authentic selves to work. Proud to be an Equal Opportunity Employer, we welcome applicants from all backgrounds and hire without regard to race, national origin, religion, age, color, ethnicity, ancestry, marital status, sex (including pregnancy), sexual orientation, gender identity, gender expression, genetic information, disability, veteran status, or any other characteristic protected by local, state, or federal laws, rules, or regulations. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability. ,Life at PTC is about more than working with today's most cutting-edge technologies to transform the physical world. It's about showing up as you are and working alongside some of today's most talented industry leaders to transform the world around you.
If you share our passion for problem-solving through innovation, you'll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us?