Senior Security Engineer
ICONMA, LLC - Richmond, VA
Job Description
Senior Security Engineer

Location: Richmond, VA / Remote
Duration: 1 year

Description:

Duties/Responsibilities:
- Engineers, implements and monitors security measures for the protection of computer systems, networks and information
- Secures and hardens Client's infrastructure, including but not limited to systems, networks, endpoints, SaaS integrations, and cloud resources
- Proactively protects the confidentiality, integrity and availability of information in the custody of or processed by the company by: responding in a timely manner to a loss or misuse of network assets; participating in investigations of suspected network misuse or in compliance reviews as requested; communicating unresolved network security exposures, misuse, or noncompliance situations to management
- Reviews network and system changes on a weekly basis and provides technical recommendations and risk and impact analysis
- Analyzes reports from various reporting tools to identify potential faults and provides recommendations for improvements
- Coordinates threat intelligence gathering and converts data into actionable detection and prevention methods
- Performs internal and external penetration tests
- Collaborates with operational teams to identify, resolve and mitigate risks and vulnerabilities
- Monitors daily threat intelligence research and interacts with external security organizations
- Maintains endpoint security baseline standards and policies and ensures compliance with Desktop Engineering
- Reviews operation logs and event console activity to determine the cause of network security-related events or to identify potential security-related events
- Ensures all systems and networks are being monitored and logged
- Implements automation for security tasks
- Supervises the installation of new software and hardware
- Analyzes and implements new security protocols and technologies
- Maintains the integrity of hardware and software
- Assists IT Operations with patching and vulnerability management
- Stays informed of emerging security technologies and evaluates their value to the organization's operations
- Identifies and defines system security requirements
- Analyzes and defines business requirements to determine specifications and standards; proposes and develops security solutions
- Develops and implements detection use cases
- Develops and delivers complex security reports to management
- Audits, detects and remediates critical security exposures in private/hybrid/public cloud infrastructure
- Identifies new security threats by conducting continuous monitoring, penetration testing, vulnerability assessments and log analysis
- Researches, evaluates, designs, tests, recommends and plans implementation of new or improved network security software or devices; analyzes new or enhanced software applications or tool implementations for implications to existing network security
- Maintains strong awareness of events in the external community to identify threats and opportunities for enhancement

Incident Response:
- Acts as the primary point of escalation and investigation for security events
- Performs incident response, issue resolution, and assessment or communication of risk to the team, and provides support by monitoring real-time alerts
- Investigates security breach alerts
- Develops and maintains incident response procedures; trains stakeholders on appropriate action plans
- Designs computer security architecture and develops detailed cyber security designs
- Translates Client's information security strategy and hyper-converged architecture into a highly available and secure technical implementation in accordance with industry best practices
- Partners with the ISO and stakeholders to provide secure and documented integrations for SaaS and application suites
- Establishes advanced cyber analytics through the use of software and security tools
- Analyzes the ecosystem to proactively identify threats or potential threats
- Investigates and remediates cyber threats, working with internal and external parties when required
- Provides security configurations and solutions to identify and remediate threats
- Serves as a cyber threat hunter and reviews security events to identify and prioritize potential threats and trends
- Creates correlations and other logic to identify attackers and defend against advanced attacks
- Determines and develops security architecture approaches and solutions, conducts business reviews and develops detailed specifications

Quality Control:
- Abides by the Client Technology policies, standards, procedures and guidelines and follows ITIL best practices
- Reviews and creates documentation relating to upgrades, new releases and performance standards, ensuring ongoing currency and relevance to Client's IT Security Policy
- Leads others in the area of IT security specialization and ensures standards are followed and quality is achieved
- Provides all requested information and configuration documentation to the Internal Audit Division during the annual Security Evaluation of Internal Controls audit

Knowledge/Skill Requirement:

Skills and Knowledge:
- Experience with large-scale systems, networking and security infrastructure
- Hands-on experience with Windows and Linux OS hardening and critical services such as DNS, Active Directory, Proxy, etc.
- Threat/intrusion detection, vulnerability management, and remediation techniques
- Strong knowledge of security concepts and technologies such as IDS/IPS, VPNs, D/DoS
- Experience with security controls in public cloud is a plus
- Experience supporting the security side of NSX is a plus
- Experience with the Microsoft E5 Security Suite (O365/Azure), Infoblox, Palo Alto, ASA is a plus
- Expert in common security tools used in an enterprise setting such as Tenable Security Center, Wireshark, Metasploit, Snort, BackTrack, Burp Suite, etc.
- Experience in two or more of the following security domains: network investigations, OSINT, threat hunting, threat intelligence, security engineering, pen testing, digital forensics (computer, memory, network, cloud, virtualization), malware analysis
- Experience using Security Information and Event Management (SIEM) products and technologies such as Splunk, ArcSight, QRadar, etc.
- Experience in a scripting language such as Python, Perl, Shell, etc.
- Clear understanding of network protocols such as TCP/IP, HTTPS, SSH, TLS, DNS, SMTP, 802.1X, etc.
- Strong process management background with a keen interest in process development
- Expertise in managing SOPs and process adherence by teams, with an eye for continuous improvement
- Excellent interpersonal and collaborative skills
- Strong written and verbal communication skills with the ability to communicate security and risk-related concepts to both technical and non-technical audiences
- Ability to multi-task, prioritize, coordinate and work well under pressure to meet deadlines
- Ability to effectively adapt to rapidly changing technology, apply it to business needs, and combine multiple tools to solve problems
- Strong analytical and problem-solving background
- Solid project management skills in planning and monitoring projects, with the ability to multitask and manage/co-manage multiple small to large projects in a cross-functional environment
- Ability to contribute to Network Operations efforts to establish and maintain a high level of customer trust and confidence in the team's knowledge of and concern for customers' business needs
- Team-oriented interpersonal and communication skills; ability to communicate complex technical information in a concise and articulate manner
- Ability to work with customers of varying levels of technical ability
As an equal opportunity employer, ICONMA prides itself on creating an employment environment that supports and encourages the abilities of all persons regardless of race, color, gender, age, sexual orientation, citizenship, or disability.
Created: 2025-11-15