Security Engineer - HYBRID!

Be Challenged and Make a Difference 

In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture. 

Description of Task to be Performed:

AnaVation is looking for a Security Engineer to assist the client leadership with system security engineering and administration. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members.

Responsibilities include, but not limited to:

· Perform system administration for security tools such as vulnerability scanning tools (e.g., Tenable SC/IO, Burpsuite), EDR tools (e.g., Crowdstrike), SIEM tools (e.g., Splunk) and other security tools (e.g., McAfee (NSM), GRC tool (CSAM)).

· Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance.

· Perform application updates and patches to security tools.

· Conducting, managing, and scheduling vulnerability scans.

· Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans.

· Providing Incident Response (IR) activities to includes triage, investigating, interviewing, resolving, and reporting on events. Creating, updating, and/or revising the IR Playbook and IR Plan.

· Promoting information security awareness across the program, ensuring security controls and processes are implemented, and developing appropriate security-related documentation.

· Presenting vulnerability analysis to system admins, system owners, and leadership.

· Complying with the CRM and DOJ program management guidance for new and decommissioned tools.

· Being the POC during security audits that pertain to vulnerability scanning and analysis.

This position is currently hybrid (2 days per week on site at the customer location in DC) but is subject to change at the customer’s direction.

This position requires an Active Secret clearance.

• 5-10 years of experience in information system engineering and configuration management.
• 5 years of experience in system security analysis and implementation and secure system engineering or design.
• Excellent communication skills.
• Hands on experience with:
• Security monitoring and evaluation, including audits, assessment, and risk management
• Splunk
• Tenable
• Nessus
• Bigfix
• Crowdstrike
• McAfee
• Web App Scanning tools (e.g., Burpsuite)
• Microsoft Excel and other MS Office Products
• Able to deliver and present vulnerability analysis to a wide range of audience (i.e., system admins, system owners, leadership).
• Involvement in security audits as the go to POC for scanning and vulnerability analysis.
• Familiarity with:
• Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases
• Agile Methodologies
• GRC Tools (e.g., CSAM)
• Certifications: Security
• Strong desire to learn, grow and is highly motivated.

• Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP,
• Understanding of cloud systems and security tools
• Education: Bachelor’s degree in Engineering, Computer Science, or Information Systems
• Certifications: CISSP

Benefits 

·        Generous cost sharing for medical insurance for the employee and dependents 

·        100% company paid dental insurance for employees and dependents 

·        100% company paid long-term and short term disability insurance 

·        100% company paid vision insurance for employees and dependents 

·        401k plan with generous match and 100% immediate vesting 

·        Competitive Pay 

·        Generous paid leave and holiday package 

·        Tuition and training reimbursement 

·        Life and AD&D Insurance

About AnaVation 

AnaVation is the leader in solving the most complex technical challenges for collection and processing in the U.S. Federal Intelligence Community. We are a US owned company headquartered in Chantilly, Virginia. We deliver groundbreaking research with advanced software and systems engineering that provides an information advantage to contribute to the mission and operational success of our customers. We offer complex challenges, a top-notch work environment, and a world-class, collaborative team.  

If you want to grow your career and make a difference while doing it, AnaVation is the perfect fit for you!