Senior Engineer, Cloud and System Security
SES
McLean, United States of America
3 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
McLean, United States of America
Tech stack
Microsoft Windows
Microsoft Active Directory
Azure
Cloud Computing
Cloud Engineering
Computer Security
Information Systems
Information Leak Prevention
Data Security
Linux
Document Management Systems
Identity and Access Management
JSON
Python
Kerberos (Protocol)
Microsoft Office
Windows Server
Citrix Systems
OAuth
Password Management
Public Key Infrastructure
Powershell
Azure
Security Assertion Markup Language (SAML)
Simple Object Access Protocol (SOAP)
Single Sign-On
Software Engineering
SSL Certificate Management
Scripting (Bash/Python/Go/Ruby)
Office365
Software Security
Mitre Att&ck
Malware
Microsoft InTune
Information Technology
Patch Management
REST
Terraform
VMware
Job description
- Translate advanced security requirements, threats, vulnerabilities and security risks in complex, heterogeneous environments into comprehensive effective and efficient technical security concepts
- Lead and advise architects and BizDevOps teams on effective and efficient cyber security strategies, architectures and technical security controls to meet advanced security requirements and deliver resilient solutions against advanced threat actors
- Design and document system and application security architectures and concepts in line with industry and governmental security standards that effectively mitigate security related risks, while accommodating complex operational needs in complex hybrid infrastructures
- Autonomously lead complex cyber security implementation projects as laid out in SES's information security strategy and deliver them within time, cost and scope.
- Design, implement and automate advanced cloud, system and application security controls leveraging best of breed and cloud native state of the art security technologies, including EDR, O365 Security, data leakage prevention and rights management, identification and access management, active directory security, secure software development
- Define policies, processes, procedures, configuration standards and guidelines to ensure appropriate security risk management throughout the system life cycle
- Perform technical security assessments and audits of complex information systems, applications and infrastructures to identify vulnerabilities and non-compliance with established security standards and recommend efficient and effective mitigation strategies
- Evaluate emerging risks and advise on and implement effective risk mitigations and state-of-the-art security concepts
- Support security incident response with a focus on the implementation of effective preventive system security controls as well as containment, eradication and recovery of information systems, + Operating Systems (MS Windows 10, Windows Server 201x and Linux), Citrix, VMWare, VDI, WVD, containers and applications, including a clear understanding of their vulnerabilities and how to securely design and implement them
- Automation using common scripting languages and interfaces including Powershell, Python, Terraform, JSON, SOAP, RestAPI, etc
- Identity and Access Management and Strong Authentication Systems, including Azure AD, Active Directory, Kerberos, SSO, SAML, OAuth
- MITRE ATT&CK framework for Enterprise and Cloud, attacker techniques and how to mitigate them in complex environments
- Public Key Infrastructure including HSM (e.g., Public Certificate Management, Internal Certificate Management, ...)
- Privileged Access Management and password vault solutions
- Malware protection, Enterprise Detection and Response and Host-based Intrusion Prevention Systems
- Security standards, best practices and guidelines (e.g., NIST SP-800 series, DISA STIGs, CIS)
- Vulnerability, compliance and patch management solutions for complex, heterogeneous systems
- Relevant product and general security certifications (e.g., Microsoft Azure, O365, CompTIA Cloud, GCWN, GCED, GCUX, GISP, GPEN, CISSP, CEH) and knowledge of the satellite industry are a plus
- Solid knowledge of cyber security threats, vulnerabilities, security technologies, controls and best practices
Requirements
- Highly autonomous and self-motivating with proven ability to deliver on complex and time critical tasks/projects
- Strong project management skills, able to handle multiple projects and lead cross-functional and/or virtual project teams
- Strong analytical skills and stress resistance
- Strong ability to overcome resistance to change, mediate in conflicts and resolve issues, and to secure stakeholder buy-in to the proposed solution
- Strong written and verbal communication skills: ability to explain security rationales and controls to non-technical audiences
- Excellent team player and ability to work in international and interdisciplinary teams
- Ability to learn new technologies quickly, * Degree in Computer Science and a minimum of 10 years industry related experience in large heterogeneous environments
- Sound, hands-on knowledge of and experience with managing system related security risks, including the assessment of system security risks, specification of security requirements, the definition of security concepts, secure system design, implementation of security controls, specification of secure configuration standards, assessment of security controls and vulnerabilities
- Knowledge of:
- MS Azure, Office 365, Azure Information Protection, Security Center, Cloud App Security, Microsoft Defender for O365, Defender for Identities, Intune, Conditional Access, Identity Protection, Application Gateway, Security and Compliance, * Fluency in English, any other language is considered as an asset
- Willingness to travel internationally and to perform on-call duty as required
- NATO/EU SECRET clearances are considered a strong asset. Candidate must be willing to undergo a security clearance procedure as this position might require holding security clearance
About the company
In this position you will be directly accountable for translating advanced security requirements into comprehensive effective and efficient technical security concepts. You will lead and advise project and BizDevOps teams to deliver solutions that are resilient against advanced threats. You will autonomously lead and deliver complex cyber security implementation projects and design, implement and automate advanced cloud, system and application security controls leveraging best of breed and cloud native state of the art security technologies.