Security Engineer

Zachary Piper Solutions is seeking a Security Engineer to join a Federal program. The position is Hybrid 1x day a week in Bethesda, MD. This role will support HHS efforts to design, implement, and maintain secure systems and networks.

Responsibilities of the Security Engineer include:

• Experience demonstrating strong analytical, troubleshooting, and problem-solving skills for cybersecurity. 
• Excellent written, and verbal communication skills. 
• Knowledge of NIST Cybersecurity, Privacy and Risk Management frameworks, and associated requirements. 
  • (NIST SP 800-53 Rev 5, ISO27001, HIPPA, SOX, PCI)
• Knowledge/experience with the majority of the following focus areas:
  • Zero Trust
  • Cyber program analysis
  • Cyber development, engineering, and architecture
  • Cyber Risk Management
  • DevSecOps Engineering
  • Linux Engineering
  • Kubernetes
  • Ansible
  • OS/APP/Database Hardening
  • Certificates and PKI Experience Windows/Linux Engineering
• Experience with Scripting
  • Perl, Go, Groovy, Helm, Bash, Python, and PowerShell

Qualifications of the Security Engineer include:

·       7+ years of experience in cybersecurity

·      Experience with: Webinspect, BurpSuite Pro, CI/CD Pipeline, Agile Development, AWS

·       Bachelor’s Degree in business, information technology, or related field of study (10 years of experience can be substituted in lieu of degree)

·       One of the following ACTIVE certifications: CISM, CISSP, GSLC, CEH, LPT, CPT (similar level certifications can be considered)

Compensation of the Security Engineer include:

·       Salary range: $145,000-$160,000 ***depending on experience and education***

·       Benefits: Medical, dental, 401k, and ect.

This job opens for applications on 2/3/2025. Applications for this job will be accepted for at least 30 days from the posting date

 #LI-NR1

Keywords: devsecops, security, cyber, cybersecurity, engineer, engineering, engineered, develop, developer, developed, development, CISM, CISSP, GSLC, CEH, LPT, CPT, SME, cyber security, infrastructure, code, testing, webapp, web app, web application, NIST, RMF, risk, management, risk management, subject matter expert, cleared, clearance, clearable, us citizen, public trust, contract, contract work, remote, remote work, work from home, wfh, telework, telecommute, network, networking, OSI, TCP/IP, shell, scripting, script, privacy, zero trust, architect, cyber development, cyber engineering, cyber architecture, splunk, linux, design, implement, maintain, secure, system, network, cloud, security engineer, cyber, cybersecurity, computer security, business, information technology, IT, NIST, rmf, risk management, risk management frameworks, assess, mitigate, privacy, cyber threats, threat, threats, vulnerability, vulnerabilities, networking protocols, TCP/IP, SNMP, DNS, DHCP, intrustion detection, palo alto, firewalls, Broadcom, data loss, prevention, data encryption, AWS, cloud, security framework, information security, VPN, DMARC, DKIM, SPF, red team, pen testing, penetration testing, offensive security, defensive security, OS, APP, hardening, scripting, bash, python, powershell, crowdstrike, burpsuite, windows, linux, tenable, nessus, SC, splunk, search, dashboard, SPL, search processing language, data manipulation,design, implement, maintain, secure, system, network, compliant, compliance, risk, cloud, AWS, data storage, transfer, root cause analysis, security documentation, SOPs, authority to operate, ATO, FISMA, Agency Information Security and Privacy, Cloud Guidelines, application security, defensive security, blue team, purple team, Certified Information Security manager, certified information systems security professional, GIAC Security Leadership Certification, GIAC, Comptia, Certified Ethical Hacker, Licensed Penetration Tester, Certified Penetration Tester, app security, application security, OWASP, SAST, DAST, web app