Overview

Security Engineer Jobs in Washington, District of Columbia, USA at Lifelancer

Title: Security Engineer

Company: Lifelancer

Location: Washington, District of Columbia, USA

Type: Full Time

Category: IT/Tech, Security

Location: Remote – local to DC area is preferred

Work Type: Remote

Remote Work: 100%

Job Description

The Cyber Security Analyst is responsible for monitoring, analyzing, and enhancing the security posture of the ACL Cloud environment. This role primarily involves threat monitoring, incident response, vulnerability assessment, and supporting compliance efforts required by federally mandated governance. The Analyst will collaborate with cross-functional teams to implement security measures, investigate incidents, and maintain security tools, ensuring the organization remains proactive against evolving cyber threats.

Responsibilities

• Enterprise Threat Monitoring and Incident Response:

– Monitor the ACL Cloud environment, system logs, and security alerts using enterprise-grade SIEM tools (e.g., Splunk, QRadar, ArcSight, Azure Defender, Kubernetes Security, Azure Monitor) for anomalies, such as unauthorized access attempts, unusual data flows, breaches, large data transfers, and port scans, as well as any performance degradations.

– Investigate and respond to security incidents, gathering evidence, analyzing logs, and coordinating remediation efforts.

– Provide actionable recommendations to prevent the recurrence of security incidents.

– Continuously assess the security posture of ACL systems, identifying and implementing areas for improvement.

• Security Tools Configuration and Maintenance:

– Configure, manage, and maintain ACL’s security monitoring tools to ensure continuous protection.

– Regularly review system configurations and update settings based on industry standards and best practices.

– Collaborate with Infrastructure and Architecture teams to address cloud misconfigurations and implement enhanced security measures.

• Alert Management:

– Set up and optimize security alerts within ACL monitoring tools to identify potential threats.

– Prioritize and triage alerts based on severity, escalating critical incidents to appropriate teams for resolution.

• Vulnerability Assessment and Penetration Testing:

– Conduct routine vulnerability scans and coordinate system penetration testing to identify and address potential security weaknesses.

– Document and report vulnerabilities, providing actionable recommendations for remediation.

– Review and validate false positive justifications to ensure accuracy in threat detection processes.

• User Activity Monitoring:

– Track and analyze user behaviors and patterns to identify suspicious activities, including failed login attempts, unusual access patterns, and potential misuse of privileges.

– Define baseline user behavior patterns and establish thresholds for anomaly detection to improve monitoring accuracy.

• Cybersecurity Roadmap:

– Conduct gap analysis on ACL security tools and processes, identifying areas for improvement and implementing solutions.

– Develop and enhance security techniques, protocols, and designs, adhering to industry best practices and standards, including DISA STIGs.

– Research and implement new security technologies to advance ACL’s cloud security capabilities.

– Stay informed on emerging threats, vulnerabilities, and cybersecurity trends to enhance monitoring processes and refine security policies.
