Sr. Systems Security Engineer

United States·WashingtonFull Timesenior

EngineeringSecurity Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Key Responsibilities

Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies,

Technical Tools

EngineeringSecurity Engineer

Be Challenged and Make a Difference

In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.

AnaVation is looking for a Sr. Systems Security Engineer/System Administrator to assist the customer with engineering and administration tasks. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members.

Responsibilities

~3 min read

→Performing hands-on engineering, administration, and securing of multiple operating systems (e.g., Windows, RHEL, Unix variants), and applying DISA STIGs across diverse vendor technologies, including virtualization platforms (VMWare, Hyper-V), cloud environments (AWS, Azure, Google Cloud), and enterprise applications.
→Perform system administration tasks to include patching, audit log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance.
→Contribute to the design and development of secure system architectures, ensuring security is integrated through system and network lifecycles.
→Evaluate, implement, and document security architecture solutions, aligning with compliance requirements and organizational mission needs.
→Ensure technical compliance with applicable security frameworks, standards, and regulations (e.g., DISA SITGs, NIST 800-53, RMF).
→Conducting, configuring, and managing vulnerability scans.
→Conducting vulnerability remediations, patching, and system hardening.
→Collaborate with ISSOs, Assessors, System Owners, and other stakeholders to implement security controls.
→Support security assessments, audits, and accreditation/authorization (ATO) activities.
→Document security configurations, engineering solutions, and compliance evidence.
→Troubleshoot and resolve security-related technical issues in a timely manner.
→Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans.
→Providing Incident Response (IR) activities include triage, investigating, interviewing, resolving, and reporting on events.
→Promoting information security awareness across the program, ensuring security controls and processes are implemented.
→Presenting vulnerability analysis to system owners, and leadership.

This position requires a Public Trust.

This position is on-site in Washington, DC.

→5-10 years of experience in information system engineering and configuration management.

→5 years of experience in control implementation and secure system engineering or design.

→Excellent communication skills.

→Hands on experience with:

→Security monitoring and evaluation, including audits, assessments, and risk management

→SIEM tools (e.g., Splunk)

→Vulnerability Scanning tools (e.g., Tenable, Nessus)

→EDR tools (e.g., Crowdstrike)

→Active Directory administration

→Virtualization platforms

→SCCM

→Expertise in batch, bash, and/or PowerShell scripting

→Able to deliver and present security compliance to a wide range of audiences (i.e., system owners, division leadership).

→Server virtualization - design solutions and configuration (VMWare, VSphere, Hyper-V, etc)

→Experience with:

→Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases

→Agile Methodologies

→GRC Tools (e.g., CSAM)

→Strong desire to learn, grow and is highly motivated.

→Certifications: OS specific certifications, Security +

Personnel assigned to this task shall possess a blend of strong technical skills (networking, operating systems, security tools, programming, encryption) and essential soft skills (problem-solving, critical thinking, communication, collaboration) to design, implement, and maintain an information system’s security control implementation.

→Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP,

→Networking experience

→Education: Bachelor’s degree in Engineering, Computer Science, or Information Systems

→Certifications: CompTIA Server+, Cloud certifications (AWS, Azure, Google), Network+, CCNA, RHCSA, Azure (AZ-104, AZ-204, AZ-500, AZ-305), AWS Solutions Architect