25 Jan
Sr Principal Cyber Defense Security Eng - 90073855 - Washington
District of Columbia, Washington, 20001 Washington USA

Vacancy expired!

Your success is a train ride away. Amtrak connects businesses and communities across the country and we move America's workforce toward the future. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our priority and the success of our railroad is the result of our employees. Are you ready to join our team?

Summary of Duties:
The Senior Principal Cyber Defense Engineer embodies security-first principles, constantly assesses the threat landscape, and adapts quickly to manage enterprise risk, as well as technology integration and deployment requirements. Cyber Defense Engineers think like attackers to identify how solutions may be abused to an attacker's advantage. This role will be responsible for championing security operations requirements, transforming design into operational platforms, engineering cyber resilience through cyber defense deployments, integrations, optimization, calibration, and the overall management of the cyber defense ecosystem to support full-spectrum security operations.

Essential Functions:
As a Senior Principal Cyber Defense Engineer you will:

  • Serve as the technical lead for complex cyber defense projects as established by the service owner.
  • Serve as a service offering lead of security technologies in support of the service owner and cybersecurity strategic plan.
  • Champion security operations requirements.
  • Transform design into functional operational requirements.
  • Responsible for the deployment, integration, optimization, calibration, and management of your cyber defense service pillar.
  • Remain current on cyber security trends, evaluate new technology, provide recommendations to reduce or mitigate security threats.
  • Translate business requirements to technical solutions, identify cyber risk and recommend solutions.
  • Provide cross-functional support and advisory to governance, risk, and compliance (GRC), enterprise/solution and cybersecurity architecture, and IT/OT service teams.
  • Develop technical product documentation for cyber defense toolsets.
  • Develop standard operating procedures for cyber defense toolsets.
  • Develop and design process engineering workflows for cyber defense toolsets.
Minimum Qualifications:
  • Bachelor's Degree in Computer Science, Information Systems, Cybersecurity, Engineering, or related field plus 9+ years of relevant experience required.
  • 13+ years of relevant work experience required to satisfy education and experience requirements: systems/security engineering, systems administration, network or cloud security, cyber security analyst, penetration testing, security operations center, or incident response.
  • 5+ years' experience as technical lead for projects for medium to large enterprises
  • 3+ years' experience as technical lead for operational teams
  • Professional working experience with one or more of: Python, PowerShell, Bash/Shell scripting for task automation or tool creation.
  • Proven ability to clearly document and communicate security findings, prioritize key risks to the business and recommend solutions to leadership.
  • Must possess excellent customer service, strong communication and interpersonal skills, work well with others in an integrated team environment, and must be self-motivated.
  • Ability to think like an attacker and implement security mitigations.
  • Deep understanding of adversary tactics, techniques, procedures, and tools.
  • Deep understanding of one or more: OWASP, CVSS, MITRE ATT&CK, MITRE SHIELD/ENGAGE/D3FEND Frameworks, Security Development Lifecycle (SDL), Threat Modeling/Microsoft STRIDE
  • Familiarity with NIST SP 800-160v2 Developing Cyber Resilient Systems
  • Experience with managing a security ecosystem consisting of SIEM/SOAR, EDR/AV, CASB, IDS/IPS, DLP, UEBA, FW, IAM/SSO, etc. technologies.
Preferred Qualifications:
  • Experience with Microsoft Defender 365 Security.
  • Experience with EDR (Endpoint Detection and Response), CASB (Cloud Access Security Broker), Email Security, Data-Loss Protection, Anti-Virus, Identity Management.
  • Experience with vulnerability management, Application Security (SAST, DAST) scanning and offensive cyber security tools.
  • Experience with threat intelligence content development and exploit mitigation.
  • Experience with Microsoft Sentinel Notebooks or Security Orchestration, Automation and Response (SOAR) tools.
  • One or more cloud certifications: Microsoft Certified: Security Operations Analyst Associate (SC-200), Microsoft Certified: Identity and Access Administrator Associate (SC-300), Microsoft Certified: Information Protection Administrator Associate (SC-400).
Strongly Desired:
  • Master's degree in Information Technology, Cybersecurity, or equivalent
  • 11+ years of experience in cybersecurity engineering specialization.
  • Basic knowledge of Operational Technology (OT), SCADA, HVAC and/or IoT
  • One or more cybersecurity certifications: GPYC, GRID, GCIH, GCWN, GCDA, GDSA, GDAT, GCED, GCFA, GFCE, GDAT, GCTI, GMON, OSCP, OSCE, OSWP, OSEP, OSWE, CEH, CHFI, etc.
COMMUNICATIONS AND INTERPERSONAL SKILLS: Must have excellent oral and written communication skills.

Requisition ID: 70169
Posting Location(s): District of Columbia
Job Family/Function: Information Technology
Relocation Offered: No
Travel Requirements: Up to 25%

Amtrak employees power our progress through their performance. We want your work at Amtrak to be more than a job - we want it to be a fulfilling experience where you find challenging and rewarding opportunities, respect among colleagues, competitive pay, benefits that protect you and your family and a high performance culture that recognizes and values your contributions and helps you reach your career goals.

All positions require pre-employment background check verification, a pre-employment drug screen and proof of full vaccination against COVID-19. Amtrak is committed to a safe workplace free of drugs and alcohol and performs pre-employment substance abuse testing. Marijuana, notwithstanding any statute, ordinance, regulation, or other law that legalizes or decriminalizes the use or possession of marijuana, whether for medical, recreational, or other use. Candidates who engage in the usage of marijuana will not be qualified for hire. Successful applicants for employment with Amtrak must be fully vaccinated against COVID-19 by the date of hire as a condition of employment, subject to requests for accommodation. Fully vaccinated means 14 days have elapsed since receiving the second dose of the Pfizer or Moderna vaccine or 14 days since receiving the Johnson & Johnson vaccine.

In accordance with DOT regulations (49 CFR § 40.25), Amtrak is required to obtain prior drug and alcohol testing records for applicants/employees intending to perform safety-sensitive duties for covered Department of Transportation positions. If an applicant/employee refuses to provide written consent for Amtrak to obtain these records, the individual will not be permitted to perform safety-sensitive functions.

Note that any education requirement listed above may be deemed satisfied if you have an equivalent combination of education, training and experience.

Amtrak is an EOE/Affirmative Action Minority/Female employer, and we welcome all to apply. We consider candidates regardless of race/color, religion, sex (including pregnancy, childbirth and related conditions), national origin/ethnicity, age, disability (intellectual, mental and physical), veteran status, marital status, ancestry, sexual orientation, gender identity and gender expression, genetic information, citizenship or any other personal characteristics protected by law.

POSTING NOTES: Information Technology Information Technology
