Senior Security Engineer

TekSynap Corporation
Fort Belvoir, United States of America
24 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Shift work
Languages
English
Experience level
Senior

Job location

Fort Belvoir, United States of America

Tech stack

Amazon Web Services (AWS)
Azure
Bash
Command-Line Interface
Cloud Computing
Cloud Computing Security
Cloud Engineering
Computer Security
System Configuration
Intrusion Detection and Prevention
Python
NIPRNet
Powershell
Red Hat Enterprise Linux - RHEL
Ansible
Security Information and Event Management
Multi-Cloud
Backend
Cloudformation
Infrastructure Automation Frameworks
Microsoft Sentinel
REST
Terraform
Splunk
Api Management
Security Orchestration, Automation & Response

Job description

  • Lead the design and implementation of security automation workflows using tools like Python, Ansible, and SOAR platforms to enhance efficiency and response capabilities across all network enclaves.
  • Design, engineer, and secure cloud architecture within AWS IL-4/5 environments , implementing robust security controls and ensuring compliance with stringent DoD standards.
  • Serve as the SIEM SME/Architect to enhance the agency's SIEM platform by developing advanced security content, creating custom dashboards, integrating REST APIs, and onboarding new data sources to improve threat visibility.
  • Serve as a senior engineer for security analytics across multiple platforms, including, but not limited to Microsoft Sentinel and Splunk. This involves developing and implementing advanced correlation rules, workload analytics, and threat intelligence models to detect and respond to anomalous activity.
  • Serve as a senior technical resource and mentor for other team members, providing guidance on best practices for operating securely across classified and unclassified networks.
  • Analyze and integrate new subscriber data and security tools into the existing ecosystem to enhance threat detection and response capabilities.
  • Create and maintain clear, comprehensive technical documentation, including architectural diagrams and Standard Operating Procedures (SOPs) tailored for multi-enclave operations.
  • Monitor, triage, and support incident response leveraging SIEM platform capabilities including correlation searches, and risk-based alerting (RBA) across all network enclaves.
  • Maintain and update SIEM content (dashboards, alerts, reports) in alignment with IR playbooks and SOAR workflows to accelerate analyst response times and improve detection fidelity

Requirements

  • Active Top Secret Clearance with SCI eligibility.
  • DoD 8570 / 8140 Compliance: Active IAT Level II and CSSP Infrastructure certification.
  • 8+ years of relevant experience in a hands-on cybersecurity role within a DoD environment.
  • Experience supporting or participating in incident response within a DoD CSSP or SOC environment, including evidence collection, timeline reconstruction, and post-incident reporting.
  • Familiarity with NIST SP 800-61 (Computer Security Incident Handling Guide) as the baseline IR framework.
  • Extensive, hands-on engineering experience and operating within multi-cloud IL-4/5 secure cloud environments.
  • Demonstrated experience working across multiple network classification levels (NIPR, SIPR, and JWICS).
  • Advanced, hands-on experience with security analytics platforms, including Splunk (Enterprise/ES), Elastic, and Microsoft Sentinel.
  • Strong, demonstrable proficiency in scripting and automation for security tasks using languages like Python, PowerShell, Bash, or Ansible, including experience with API integrations .
  • Solid foundation in Linux/Unix administration and command-line operations necessary for managing backend SIEM and security infrastructure.

PREFERRED QUALIFICATIONS

  • Certifications related to Microsoft Azure Security (e.g., Azure Security Engineer Associate, Microsoft Sentinel Ninja).
  • Experience configuring and maintaining RHEL systems in compliance with DISA STIGs and supporting ATO documentation efforts.
  • Experience with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation).
  • High-level SIEM (Splunk, Elastic, MS Sentinel) and Cloud Architecture certifications.
  • Working knowledge of the DoD Risk Management Framework (RMF) process, including experience preparing or supporting System Security Plans (SSPs), STIGs, and continuous monitoring requirements for systems operating at IL-4/5., We are seeking a highly skilled Senior Security Engineer ( (SIEM, Cloud, & Security Analytics) to be a key technical leader on our CSSP Team. This role is for a seasoned professional with deep, hands-on experience operating across multiple DoD network enclaves (NIPR, SIPR, and JWICS) . The ideal candidate will drive the design and implementation of sophisticated security solutions, both on-prem and future secure cloud environments , leveraging expertise in a range of security platforms, including, but not limited to Splunk, Elastic, and Microsoft Sentinel . This is a hands-on role for a senior expert who can engineer and automate a complex, multi-faceted security posture.

Benefits & conditions

We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays.

Apply for this position