Your browser cookies must be enabled in order to apply for this job. Please contact if you need further instruction on how to do that.

Senior Security Engineer - TS/SCI with Polygraph

Security | Fulton, MD | Full Time

Job Description

About Us: Engineers solving real-world problems

Every day we support missions that matter with work across cloud infrastructure, cyber security and development operations (DevOps).

At Stratus, you will solve real-world problems, work amongst others who share your passions and feed your ambition. Our company was built by and is run by engineers who not only realize the importance of hiring those who are great at what they do, but also understand and grant the autonomy you need to achieve success. We give you the tools you need to “empower” your career.

Your Mission: Become proficient in cloud security through exposure to Amazon Web Services (AWS).

Enhance your current cloud security skillset by designing, implementing, and monitoring cutting edge AWS-based security solutions. You will be given the opportunity to work alongside cloud computing experts in an effort to secure infrastructure and development environments while growing your own cloud security knowledge and expertise. This is a multi-faceted position requiring you to spend time working directly with AWS services, and the underlying operating systems themselves, to implement security controls, improve security automations, and help build an accreditable ATO environment from the ground up.

A day in the life: (just a few of the things you may do on any given day)

  • Collaborate with team members to architect secure solutions to complex technological problems
  • Evaluate security products and recommend solutions for control enhancement
  • Leverage built-in AWS services and custom workflows to build security automation
  • Develop integration plans for new security products
  • Analyze audit and log data for security-relevant events
  • Perform vulnerability scans and work to increase automation of remediation efforts
  • Contribute to Authority to Operate (ATO) documentation and hardening tasks

You will excel in this role if you are:

  • Embracing Emerging Technology: You will leverage AWS and its accompanying tools/services daily as you help build and stand up a complete security architecture
  • A Creative Communicator: You can communicate with audiences of varying technical ability in a language each understands (This is a user-facing role and you will be working with a highly technical team)
  • Agile: Able to work as part of small team working together to develop a solution for government customers.
  • Motivated: You want to continually learn new things and work with new technologies.
  • Focused on Automation: Wherever possible, you look for ways to automate manual security processes to increase efficiency, speed, and operability of tasks.

What we are expecting from you (i.e. the qualifications you must have):

  • At least six years experience in infrastructure engineering.
  • Signifcant experience with Windows and Linux operating system environments.
  • Expertise with Linux and Windows configuration management and security administration.
  • Experience working with a multitude of infrastructure security tools/products performing IDS/IPS, log aggregation/analysis, and vulnerability scanning functions.
  • Experience with infrastructure scripting solutions such as PowerShell or Python.
  • Excellent oral and written communication skills with a keen sense of customer service.
  • Excellent problem solving and troubleshooting skills.
  • Process oriented with great documentation skills.
  • TS/SCI with Polygraph 
  • BS in Computer Science, IT, IS, or equivalent area of technical study (An additional 4 years of IT experience can substitute for a BS Degree)

Nice to have:

  • AWS experience preferred, but not mandatory. At a minimum, you should have an understanding/ knowledge of AWS architectures, capabilities, and services
  • AWS Solutions Architect, Developer, or SysOps Administrator Associate Certification
  • Experience with configuration management platforms (e.g. Puppet, Salt, Ansible)
  • Experience with hardware and software certificate deployment
  • Experience with development of hardware and software VPN solutions
  • Experience with managing and customizing log aggregation tools such as Splunk, NiFi, etc.
  • Experience with managing and customizing system monitoring tools such as SolarWinds, Nagios, etc.
  • Experience managing a distributed vulnerability scanning environment using Tenable, Rapid7, OpenVAS, etc.
  • Experience with deploying and managing IDS/IPS systems such as Cisco Firepower, Snort, etc.
  • Technical certifications from organizations such as AWS, Cisco, RedHat, Microsoft, etc.
  • Industry-recognized security certifications such as CISSP, Security+, CEH, etc.
  • Demonstrated expertise working with traditional networking elements including routers, switches and firewalls across multiple product lines including Cisco and PaloAlto.
  • Experience working in ever changing dynamic environments

What We Will Provide In Return:

  • Excellent compensation and amazing benefits that include top of the line BCBS PPO coverage with ZERO deductibles. We pay for 100% of the employee premium and cover 90% of your dependent’s premium.
  • 10% 401K employer contribution with no employee contribution required.
  • Generous paid time off that includes sick, vacation and floating holidays as well as the ability to bank hours worked over target for use as leave within the same quarter.
  • Employee centric culture and a belief that we should hire those who are good at what they do and then give them the tools they need to achieve success, further their expertise and grow their career.
  • A commitment to learning and growth and easy ways to achieve both including a training budget, education assistance, mentorship programs and collaborative learning sessions.
  • A collaborative environment that fosters communication via slack, internal messaging boards and email lists, our employee newsletter and an open-door policy.  EEO/AA including Vets and Disabled.