Sr Principal Cyber Defense Security Eng - 90073855 - Washington
Vacancy expired!
Your success is a train ride away. Amtrak connects businesses and communities across the country and we move America's workforce toward the future. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority and the success of our railroad is the result of our employees. Are you ready to join our team?

Summary of Duties: The Senior Principal Cyber Defense Engineer embodies security-first principles, constantly assesses the threat landscape, and adapts quickly to manage enterprise risk, as well as technology integration and deployment requirements. Cyber Defense Engineers think like attackers to identify how solutions may be abused to an attacker's advantage. This role will be responsible for championing security operations requirements, transforming design into operational platforms, engineering cyber resilience through cyber defense deployments, integrations, optimization, calibration, and the overall management of the cyber defense ecosystem to support full-spectrum security operations.

Essential Functions: As a Senior Principal Cyber Defense Engineer you will:
- Serve as the technical lead for complex cyber defense projects as established by the service owner.
- Serve as a service offering lead of security technologies in support of the service owner and cybersecurity strategic plan.
- Champion security operations requirements.
- Transform design into functional operational requirements.
- Responsible for the deployment, integration, optimization, calibration, and management of your cyber defense service pillar.
- Remain current on cyber security trends, evaluate new technology, provide recommendations to reduce or mitigate security threats.
- Translate business requirements to technical solutions, identify cyber risk and recommend solutions.
- Provide cross-functional support and advisory to governance, risk, and compliance (GRC), enterprise/solution and cybersecurity architecture, and IT/OT service teams.
- Develop technical product documentation for cyber defense toolsets.
- Develop standard operating procedures for cyber defense toolsets.
- Develop and design process engineering workflows for cyber defense toolsets.
- Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, Engineering, or related field plus 9+ years of relevant experience required.
- 13+ years of relevant work experience required to satisfy education and experience requirements: systems/security engineering, systems administration, network or cloud security, cyber security analyst, penetration testing, security operations center, or incident response.
- 5+ years' experience as technical lead for projects for medium to large enterprises.
- 3+ years' experience as technical lead for operational teams.
- Professional working experience with at least one or more: Python, PowerShell, Bash/Shell scripting for task automation or tool creation.
- Proven ability to clearly document and communicate security findings, prioritize key risks to the business and recommend solutions to leadership.
- Must possess excellent customer service, strong communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated.
- Ability to think like an attacker and implement security mitigations.
- Deep understanding of adversary tactics, techniques, procedures, and tools.
- Deep understanding of one or more: OWASP, CVSS, MITRE ATT&CK, MITRE SHIELD/ENGAGE/D3FEND frameworks, Security Development Lifecycle (SDL), Threat Modeling/Microsoft STRIDE.
- Familiarity with NIST SP 800-160v2, Developing Cyber Resilient Systems.
- Experience with managing a security ecosystem consisting of SIEM/SOAR, EDR/AV, CASB, IDS/IPS, DLP, UEBA, FW, IAM/SSO, etc. technologies.
- Experience with Microsoft Defender 365 Security.
- Experience with EDR (Endpoint Detection and Response), CASB (Cloud Access Security Broker), Email Security, Data-Loss Protection, Anti-Virus, Identity Management.
- Experience with vulnerability management, Application Security (SAST, DAST) scanning and offensive cyber security tools.
- Experience with threat intelligence content development and exploit mitigation.
- Experience with Microsoft Sentinel Notebooks or Security Orchestration, Automation and Response (SOAR) tools.
- One or more cloud certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200), Microsoft Certified: Identity and Access Administrator Associate (SC-300), Microsoft Certified: Information Protection Administrator Associate (SC-400).
- Master's degree in Information Technology, Cybersecurity, or equivalent.
- 11+ years of experience in cybersecurity engineering specialization.
- Basic knowledge of Operational Technology (OT), SCADA, HVAC and/or IoT.
- One or more cybersecurity certifications: GPYC, GRID, GCIH, GCWN, GCDA, GDSA, GDAT, GCED, GCFA, GCFE, GCTI, GMON, OSCP, OSCE, OSWP, OSEP, OSWE, CEH, CHFI, etc.