FirstBank Jobs

Home View All Jobs (2,185,264)

Job Information

NANA Regional Corporation Sr. Cybersecurity Engineer in Herndon, Virginia

Overview

Work Where it Matters

Akima is not just another global enterprise and federal contractor. As an Alaska Native Corporation (ANC), our mission and purpose extend beyond our exciting federal projects as we support our shareholder communities in Alaska.

At Akima, the work you do every day makes a difference in the lives of our 15,000 Iñupiat shareholders, a group of Alaska natives from one of the most remote and harshest environments in the United States.

For our shareholders , Akima provides support and employment opportunities and contributes to the survival of a culture that has thrived above the Arctic Circle for more than 10,000 years.

For our government customers , Akimadelivers agile solutions in the core areas of facilities, maintenance, and repair; information technology; logistics; protective services; systems engineering; mission support; furniture, fixtures & equipment (FF&E); and construction.

As an Akima employee , you will be surrounded by a challenging, yet supportive work environment that is committed to innovation and diversity, two of our most important values. You will also have access to our comprehensive benefits and competitive pay in addition to growth opportunities and excellent retirement options.

Job Summary:

Akima is seeking a highly motivated and experienced Senior Security Engineer to join our growing team. You will play a critical role in designing, implementing, and maintaining a robust security posture to protect our IT infrastructure and data from cyber threats.

As a Senior Security Engineer, you will be responsible for a wide range of security activities, including security architecture, threat detection and response, and security operations management. You will work collaboratively with other teams to ensure our security posture aligns with business objectiv

Responsibilities

Job Responsibilities:

  • Security Architecture & Design:

  • Design and implement secure system architectures, controls, and procedures aligned with industry best practices (NIST CSF, MITRE ATT&CK) and compliance frameworks.

  • Champion the integration of security considerations throughout the software development lifecycle (DevSecOps).

  • Stay informed on emerging security threats and trends to proactively improve our security posture.

  • Threat Detection & Response:

  • Oversee the implementation and tuning of security monitoring tools (SIEM, XDR) for effective threat detection and incident response.

  • Lead incident response activities, including investigation, containment, eradication, and recovery.

  • Develop and maintain security playbooks to ensure efficient incident handling.

  • Security Operations Management:

  • Manage and maintain security processes, ensuring continuous operational readiness and system protection.

  • Provide technical and analytical leadership for evaluating and recommending new security tools and technologies (cloud security, container security).

  • Collaborate across the organization to integrate security initiatives with business objectives.

  • Other:

  • Mentor junior security team members on best practices and security tools.

  • Develop, implement, and maintain the organization’s GRC framework to ensure compliance with industry standards and regulations.

  • Conduct risk assessments and analyze the potential impact on the organization’s operations, making recommendations to mitigate identified risks.

  • Monitor and evaluate compliance with security policies, procedures, and regulatory requirements

  • Collaborate with cross-functional teams to integrate GRC practices into business processes and ensure effective risk management.

  • Prepare and present detailed reports on compliance status, risk assessments, and mitigation strategies to senior management.

  • Facilitate internal and external audits, ensuring all necessary documentation and evidence of compliance are readily available.

  • Stay updated on evolving regulatory requirements, industry standards, and best practices in GRC.

  • Provide training and guidance to staff on GRC policies and procedures to promote a culture of compliance within the organization.

  • Manage incident response processes and ensure timely reporting and resolution of security incidents in accordance with regulatory requirements.

  • Performs work under minimal supervision. Handles complex issues and problems, and refers only the most complex issues to higher-level staff. Possesses comprehensive knowledge of subject matter. May act as a lead.

Qualifications

Minimum Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (required).

  • Minimum 5-8 years of experience in information security, with a focus on security architecture, threat detection & response, and security operations management (required).

  • Experience with incident detection, response, and forensics (required).

  • Experience with design, delivery, and management of security information systems (required).

  • Strong analytical, problem-solving, and decision-making skills.

  • Excellent communication, collaboration, and interpersonal skills.

  • Ability to work independently and as part of a team.

  • Ability to manage multiple priorities and meet deadlines in a fast-paced environment.

  • T echnical Skills (Essential):

  • Working knowledge of security technologies including firewalls, VPNs, DLP, IDS/IPS, and web proxies.

  • Expertise in security information and event management (SIEM) technologies (Splunk, Elastic Stack etc.).

  • Experience with threat detection, incident response, and forensics methodologies.

  • Proficiency in scripting languages (Python, Bash) for automation and security tooling.

  • Strong understanding of system security engineering (SSE) principles and processes.

Desired Qualifications:

  • Technical Skills (Preferred):

  • Experience with cloud security principles and best practices (AWS Security, Azure Security etc.).

  • Experience with container security (Docker, Kubernetes).

  • Certifications such as CISSP, CRISC, CISM, CCSP.

  • Cisco or Palo Alto certifications (CCNA, CCIE, PCNSE, PCDRA).

We are an equal opportunity employer and comply with all applicable federal, state, and local fair employment practices laws. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law. If you are an individual with a disability, or have known limitations related to pregnancy, childbirth, or related medical conditions, and would like to request a reasonable accommodation for any part of the employment process, please contact us at job-assist@akima.com or 571-353-7053 (information about job applications status is not available at this contact information).

Job: Information Technology

Travel: None

Organization: Akima

Clearance: Able to Obtain Secret

Work Type: On-Site

Remote: No

ReqID: 2024-11460

DirectEmployers