Security Engineer, Security Engineering

Security EngineeringUS Exempt RegularFull timeStateside Exempt 4.1Location: Adelphi, MD (Hybrid)

Summary:

The  security engineer provides support to ensure applicable information protection policies, procedures, guidelines, best practices are followed. Performs Security Risk Assessments (SRAs) and performs compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures. Educates stakeholders in the assessment process and lead both pre- and post-assessment meetings. Analyzes and explains the security vulnerabilities found during the assessment process and provide guidance on acceptable remediation actives to the program/project team. Works with senior system engineers to ensure that capabilities will be integrated into the developed systems including requirement validation, architecture and design, and producing appropriate documentation. Sets and provides technical guidance and direction to security engineering team involved in system security engineering activities across a system of systems and defines, implements, and enforces system security engineering processes to be applied to multiple projects by the security engineering team. Ensures program compliance to information sharing initiatives, identity & privacy (PII) issues, information security and assurance policies, and federal guidance and standards.

Duties and Responsibilities:

• Develop and maintain the IT security Incident Response Program

• Adhere to existing risk management frameworks, such as NIST 800-171 

• Develop business process mapping for implementation of security policies and standards throughout enterprise 

• Ensure security of customer endpoints utilizing latest technologies focused on malware, threat detection, and behavior analysis

• Develop process flows and mapping of security architecture components as part of an enterprise architecture. 

• Analyze output from network vulnerability assessments and recommend mitigation strategies;  

• Review and provide feedback on security plans and procedures regarding all aspects of LAN, WAN or MANs, as applicable; 

• Assist in designing security products to include firewalls, intrusion detection systems, antivirus, patch management, etc.;

• Configure alerting mechanisms to allow for fast resolution of incidents

• Review and provide input into network designs to ensure compliance with security and enterprise architecture; 

• Provide input and visibility into emerging security technologies, deployment strategies and other security protocols to ensure awareness within the IT security branch. 

• Build/enhance security architecture and configure network to enhance the security posture of the enterprise 

• Develop and/or implement automated security testing tools where possible. 

• Implement protective measures and respond to alerts regarding suspected phishing, CaSB or DLP information sharing violations, and staff, faculty or student account anomalies.

• Become escalation point for desktop support teams in regards to IT security related incidents

• Train desktop support staff in regards to best cyber security practices.

• Provide forensic analysis support in the case of any cyber security incident.

• Provide security input on overall software architecture. 

• Liaison with compliance teams for internal and external software compliance efforts. 

• Performs hands-on testing of applications, as well as build and enforce information risk management requirements and structure, including providing practical secure architecture skills and developing and implementing Information Security best practices

Skills:

• Basic skills needed include: 

  • Endpoint Security Solutions

  • Risk management and security risk assessments

  • Splunk

  • Forensic Analysis

  • Authentication and authorization

• Enterprise aware (change control, downstream impacts, understanding of cause and effect, change windows, etc.) 

• Recognized as a strategic thinker and is results oriented 

• Demonstrated effective strong team player and self-motivator. Ability to work and interface internally with a IT and other functional support groups with minimal guidance 

• Demonstrated successful experience in a customer-facing role 

• Demonstrated communicator both written and verbal, with effective presentation delivery and meeting facilitation  

• Demonstrated effective time management, organizational and documentation skills

• Good analytical and troubleshooting skills

Education & Experience Requirements:

Experience:

• 8 years or more of professional experience with 4 or more years in IT security

• Must have the knowledge of IT security technologies such as firewalls, intrusion detections systems, antivirus, patch management, etc, and the interest and experience to work on security policy and architecture 

• Experience in engineering and operational roles (a plus if both roles at the same time).

• Familiar with DHS and NIST security policy and be able to review against security architecture technical requirements 

• Intermediate to advanced knowledge of information security concepts. 

• Knowledge of network architecture and design, network Security, wireless Security and client/server security. Very strong computer networking skills (TCP/IP, Ethernet, etc.) and understanding of networking protocols. Security of virtual machine environments is highly desirable. 

• Knowledgeable about deployment of wireless LAN and wireless IDS

• Knowledge of vulnerability assessment/network discovery and associated tools 

• Understands infrastructure monitoring  

• Knowledge of securing Linux/Unix, Mac OS X, and Windows systems. 

• Experience with various types of firewalls and technologies 

• Demonstrated process improvement experience

Preferred Experience Requirements:

Education:

• Bachelor's Degree

Certifications:

• GSEC

• CISSP

• CISA

• Security +

All submissions should include a cover letter and resume.

The University of Maryland Global Campus (UMGC) is an equal opportunity employer and complies with all applicable federal and state laws regarding nondiscrimination. UMGC is committed to a policy of equal opportunity for all persons and does not discriminate on the basis of race, color, national origin, age, marital status, sex, sexual orientation, gender identity, gender expression, disability, religion, ancestry, political affiliation or veteran status in employment, educational programs and activities, and admissions.

Workplace Accommodations:

The University of Maryland Global Campus Global Campus (UMGC) is committed to creating and maintaining a welcoming and inclusive working environment for people of all abilities. UMGC is dedicated to the principle that no qualified individual with a disability shall, based on disability, be excluded from participation in or be denied the benefits of the services, programs, or activities of the University, or be subjected to discrimination. For information about UMGC's Reasonable Workplace Accommodation Policy or to request an accommodation, applicants/candidates can contact Employee Accommodations via email at employee-accommodations@umgc.edu. 

Benefits Package Highlights:

• Generous Time Off: Enjoy 22 days of paid vacation, 15 days of sick leave, 3 personal days, and 15 paid holidays (16 during general election years). For part-time employees, time off rates will be prorated based on the number of hours worked.
• Comprehensive Health Coverage: Access to health care, medical with vision, dental, and prescription plans for both individuals and families, effective from the 1st of the month following your hire date.
• Insurance Options: Term Life Insurance, Accidental Death and Dismemberment Insurance, and Long-Term Disability (LTD) Insurance. Part-time employees working less than 0.5 FTE are not eligible for LTD.
• Flexible Spending Accounts: Available for medical and dependent care expenses.
• Retirement Plans: Choose between the Optional Retirement Program (ORP) or the Maryland State Retirement and Pension System (MSRPS).
• Supplemental Retirement Plans: include 401(k), 403(b), 457(b), and various Roth options. The university does not provide matching funds.
• Tuition Remission: Immediate availability for Regular Exempt Staff. Spouses and dependent children are eligible for undergraduate tuition remission after two years of service. NOTE: For part-time employees (at least 50 percent of the time), tuition remission benefits are prorated.

Hiring Range:

$84,000.00 - $94,500.00