Cyber Security Engineer SME

Overview:

Abacus Technology is seeking a Cyber Security Engineer to provide security support for the Federal Aviation Administration (FAA). This is a full-time position.

Responsibilities:

• Design and implement security architecture that addresses the unique security challenges of multi-cloud environments and ensure architecture is scalable, secure, and compliant with organizational and regulatory requirements.
• Ensure adherence to government regulations, including understanding and applying NIST controls and prepare and support regular audits and assessments to verify compliance with applicable standards using FAA security tools such as CSAM, and procedures such as POAM remediation.
• Set up and maintain security monitoring systems across multiple cloud platforms to detect and respond to threats and develop and implement incident response plans to address security breaches or vulnerabilities.
• Design and implement IAM strategies that ensure secure access to cloud resources across different platforms and regularly review and update IAM policies to maintain security and compliance.
• Develop automation scripts for security monitoring and incident response tasks using tools like Terraform, Ansible, or cloud-native automation tools and implement and maintain security tools and technologies that enhance the overall security posture such as Prisma Cloud CSPM (Cloud Security Posture Management) platform.
• Conduct regular vulnerability assessments and penetration testing to identify and remediate security weaknesses and ensure compliant process to deploy security patches and updates across cloud environments.
• Develop and maintain security policies and procedures that address multi-cloud security challenges and regulatory requirements and document security configurations, incident response plans, and compliance reports.
• Conduct training sessions and workshops to educate stakeholders about security best practices and compliance requirements fostering a culture of security awareness within the organization.

Qualifications:

10+ years experience in cyber security or information assurance including at least 5 years with cloud-based technologies. Bachelor’s degree in science, technology, engineering, mathematics, or a related field. Current relevant technical certifications (e.g., CISSP, MCSE, CISSP-ISSEP, CompTIA Security+, CompTIA Network+) strongly desired. Experience in assisting responses to external audits, penetration tests, vulnerability assessments, recommending and coordinating application fixes, patch management, risk assessments, and implementing security procedures in the event of a security breach. Experience supporting Federal government programs. Able to implement technical solutions to contractual requirements supporting NIST and FISMA requirements. Proven record of learning and adapting to new technologies. Able to demonstrate strong time management skills and the ability to communicate effectively with both stakeholders and technical staff. Able to work independently with minimal supervision as well as working with a team. Strong communication skills that can be adapted to both the technical and administrator level. Able to demonstrate strong attention to detail. Proficient in MS Office or MS365. Must be a US citizen.

*Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.*

*EOE/M/F/Vet/Disabled*