Senior Security Engineer with Palo Alto
Company: ALTA IT Services
Location: Herndon
Posted on: November 15, 2024
|
|
Job Description:
ALTA IT is looking for a Senior Security Engineer. In this role
you will play a critical role in designing, implementing, and
maintaining a robust security posture to protect our IT
infrastructure and data from cyber threats. This is a Hybrid role
and requires living in commuting distance of Herndon, VA. This
building is a cleared facility and thus requires US
Citizenship.
If you want to know about the requirements for this role, read on
for all the relevant information.
As a Senior Security Engineer, you will be responsible for a wide
range of security activities, including security architecture,
threat detection and response, and security operations management.
You will work collaboratively with other teams to ensure our
security posture aligns with business objective.
Responsibilities
Security Architecture & Design:
Design and implement secure system architectures, controls, and
procedures aligned with industry best practices (NIST CSF, MITRE
ATT&CK) and compliance frameworks.
Champion the integration of security considerations throughout the
software development lifecycle (DevSecOps).
Stay informed on emerging security threats and trends to
proactively improve our security posture.
Threat Detection & Response: Oversee the implementation and tuning
of security monitoring tools (SIEM, XDR) for effective threat
detection and incident response.
Lead incident response activities, including investigation,
containment, eradication, and recovery.
Develop and maintain security playbooks to ensure efficient
incident handling.
Security Operations Management: Manage and maintain security
processes, ensuring continuous operational readiness and system
protection.
Provide technical and analytical leadership for evaluating and
recommending new security tools and technologies (cloud security,
container security).
Collaborate across the organization to integrate security
initiatives with business objectives.
Other: Mentor junior security team members on best practices and
security tools.
Develop, implement, and maintain the organization's GRC framework
to ensure compliance with industry standards and regulations.
Conduct risk assessments and analyze the potential impact on the
organization's operations, making recommendations to mitigate
identified risks.
Monitor and evaluate compliance with security policies, procedures,
and regulatory requirements
Collaborate with cross-functional teams to integrate GRC practices
into business processes and ensure effective risk management.
Prepare and present detailed reports on compliance status, risk
assessments, and mitigation strategies to senior management.
Facilitate internal and external audits, ensuring all necessary
documentation and evidence of compliance are readily available.
Stay updated on evolving regulatory requirements, industry
standards, and best practices in GRC.
Provide training and guidance to staff on GRC policies and
procedures to promote a culture of compliance within the
organization.
Manage incident response processes and ensure timely reporting and
resolution of security incidents in accordance with regulatory
requirements.
Performs work under minimal supervision. Handles complex issues and
problems, and refers only the most complex issues to higher-level
staff. Possesses comprehensive knowledge of subject matter. May act
as a lead.
Qualifications
Bachelor's degree in computer science, Information Technology,
Cybersecurity, or a related field (required).
Minimum 5-8 years of experience in information security, with a
focus on security architecture, threat detection & response, and
security operations management (required).
Experience with incident detection, response, and forensics
(required).
Experience with design, delivery, and management of security
information systems (required).
Strong analytical, problem-solving, and decision-making skills.
Excellent communication, collaboration, and interpersonal
skills.
Ability to work independently and as part of a team.
Ability to manage multiple priorities and meet deadlines in a
fast-paced environment.
Technical Skills (Essential):
Working knowledge of security technologies including firewalls,
VPNs, DLP, IDS/IPS, and web proxies.
Knowledge of Palo Alto's core products, especially the Strata
platform which includes physical firewalls and the Panorama
management system.
Ability to design, deploy, operate, and manage Palo Alto firewall
solutions.
Familiarity with cloud security principles and Palo Alto's cloud
offerings like Prisma Cloud.
Understanding of security operations concepts like SIEM (Security
Information and Event Management) and SOAR (Security Orchestration,
Automation and Response), which are relevant for XDR.
Hands-on experience with Palo Alto firewall configuration, policy
creation, and troubleshooting.
Cisco or Palo Alto certifications (CCNA, CCIE, PCNSE, PCDRA).
Experience with threat detection, incident response, and forensics
methodologies.
Proficiency in scripting languages (Python, Bash) for automation
and security tooling.
Strong understanding of system security engineering (SSE)
principles and processes.
This Hybrid position requires that you live within commuting
distance from Herndon, VA
Desired Qualifications: Experience with cloud security principles
and best practices (AWS Security, Azure Security etc.).
Experience with container security (Docker, Kubernetes).
Certifications such as CISSP, CRISC, CISM, CCSP.
Keywords: ALTA IT Services, Washington DC , Senior Security Engineer with Palo Alto, Engineering , Herndon, DC
Click
here to apply!
|