We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
New

Senior Security Engineer - 3632013

TCG
125,000.00-150,000.00 per year Final salary determination will be made based upon the knowledge, skills, and abilities of the selected candidate in relation to the job.
parental leave, 401(k)
United States, D.C., Washington
725 17th Street Northwest (Show on map)
Jan 30, 2025

You've stumbled upon the rare B Corp government contractor! At TCG, we aim to prove that businesses can be good to their employees and responsible to their community while being profitable. We're an award-winning IT solutions provider to the Federal government seeking a Senior Security Engineer to join our team.

US Citizenship is required for this role. In addition, the selected applicant must submit to a government background investigation and be favorably adjudicated before their first day.

This position is primarily remote but will require occasional in-person meetings. The selected applicant must live within commuting distance of Washington, D.C.

RESPONSIBILITIES:



  • Performing security reviews of all application code before deploying to production environment and provided the results of the review to the MAX.gov ISSO
  • Monitoring existing COTS products and Open Source tools and products for new security vulnerabilities or patches
  • Assessing risks from identified security vulnerabilities and providing expert recommendations on mitigations
  • Reviewing software and hardware architectures for security implementations, assessing and reporting risks of these designs.
  • Daily monitoring of systems for active attacks and break-ins, ensuring reporting and tuning these monitoring systems
  • User profiling and analysis, reporting and active defense using Fortinet and OSS technologies
  • Monitoring and tuning system configurations to improve performance and address errors
  • Supporting development teams in implementing application specific monitoring for availability and functionality
  • Mentoring team members on new and advanced techniques and technologies
  • Ensuring monitoring and defense against APTs
  • Fortinet WAF and firewall administration and maintenance
  • Cleaning up data spills and attending briefings on current security threats
  • Managing Blue and Red team assessments, running practice scenarios
  • Review and add defense in depth techniques to exist security profiles


REQUIRED SKILLS:



  • A minimum of 8 years of relevant security and technical experience
  • Independent problem-solving skills, strong analytical abilities, creativity, and a clear appreciation of end customer needs
  • Demonstrated ability with advanced code assessment tools and reviewing their results for both dynamic and static scans (OWASP, SANS, CIS, etc)
  • Experience with programming in some combination of Java/Perl/PHP/C/C++/go/Ruby/Python
  • Working knowledge of web protocols (including lower layers, packet disassembly, routing, switching), ability to perform diagnostics, and knowledge of security best practices
  • Experience with compliance controls and security hardening for a US Government computer system at the FISMA Moderate or High levels.
  • Advanced automation skills in bash shell scripting, python, curl, etc
  • Multiple years of cross domain experience in IT domains such as network administration, database administration, or software development
  • Ability to create system documentation for ongoing system management
  • Demonstrated ability to communicate effectively, both orally and in writing
  • Demonstrated ability to learn new technologies and skills
  • Must be skilled at planning and organizing
  • Must be adept at prioritizing, problem assessment, and problem-solving
  • Must demonstrate attention to detail and accuracy
  • Must have a strong customer service orientation
  • Must be flexible and adaptable
  • Ability to work directly with clients at all levels of an organization, including high-level internal and external stakeholders


PREFERRED SKILLS:



  • Offensive Security Certified Professional (OSCP) certification
  • Troubleshooting, debugging, and diagnostic skills in a complex IT environment
  • Familiarity with at least one Continuous Integration/Continuous Delivery (CI/CD) mechanism.
  • System administration experience building, configuring, and assessing Windows/RHEL/Ubuntu/Containers
  • Working knowledge of various security-focused enterprise toolsets
  • Experience with COTS product installation, integration & support
  • Experience with CSS and graphing libraries
  • Fortinet Firewall Administration and maintenance
  • Experience with information gathering and information monitoring, working knowledge of Risk Management Framework (RMF)
  • Ability to create system documentation for ongoing system management
  • Experience in an Agile/Scrum development environment
  • Proficiency with MS Excel, MS Word and other MS Office applications


EDUCATION:



  • Bachelor's degree preferred, preferably in Computer Science, Information Technology, or a related field. Experience may be substituted in absence of a degree


TCG does not discriminate based on race, sex, color, religion, national origin, age, disability, caste, or veteran status.

Our B Corp mission is reflected in our benefits, including offerings like health care, 401K, parental leave, adoption assistance, financial planning services, student loan repayment assistance, and training budget. There's more, see for yourself.

TCG is recognized for treating employees well, in fact, in 2024 The Washington Post named TCG as a "Top Workplace" for the tenth straight year based on how our employees feel about the company, the benefits TCG offers, and the work/life balance that our staff achieves. Our CEO was ranked best, by TCG employees' votes, among all midsize companies in the Washington Post Top Workplace survey.

Try us ... we'll make you happy.

Internal title/grade: System Engineer, E4
Salary Range: $125,000 - $150,000

All individuals being hired to work for TCG must submit to, and successfully pass, a pre-employment background investigation prior to reporting for their first day of work. The pre-employment background investigation will include verification of employment and education, as well as, a criminal and DMV check.

Additional documentation and background checks will also be required for positions that require clearance from the Federal government.

Applied = 0

(web-6f6965f9bf-tv2z2)