Sr. Security Engineer
Long-Term Contract
Atlanta, GA
QUALIFICATIONS: - Bachelor's degree in information security, Computer Science, or a related field.
- CISSP (Certified Information Systems Security Professional)
- AWS Cloud Certifications
- CISM (Certified Information Security Manager)
- Other cybersecurity-related certifications.Highly motivated and results-driven professional with substantial experience in designing, implementing, and managing PKI and security solutions.
- In-depth understanding of PKI concepts, security properties, and related technologies.
- Proficient in supporting PKI-based products, including web servers, certification authorities, and common PKI protocols (SSL/TLS, HTTPS, LDAPS).
- Hands-on experience with certificate authority (CA) implementation in compliance with the Federal PKI (FPKI) Common Policy Authority.
- Skilled in reviewing and patching Red Hat Certificate System source code for defects, as well as developing new capabilities.
- Strong expertise in PKI engineering support, troubleshooting, and HSM (Hardware Security Module) design and implementation.
- Working knowledge of OSI layer 2-7 security tactics and defense mechanisms against various types of attacks.
- Proven track record of collaborating with teams to deliver projects on time and in alignment with business specifications.
TECHNICAL SKILLS: - Scripting & Programming: Proficient in PowerShell, Batch, JSON, Python, YAML, etc.
- PKI Expertise: Advanced knowledge of PKI design, implementation, administration, and provisioning in AWS (KMS, CloudHSM, ACM, CloudFront, Secrets Manager, CloudTrail).
- PKI Protocols & Products: In-depth experience with PKI-based products and protocols such as SSL/TLS, HTTPS, LDAPs, etc.
- Cloud Security: Expertise in cloud security technologies, including automating certificate renewal and lifecycle management.
- Microsoft & Venafi: Experience integrating Venafi with Microsoft PKI technologies and public PKI providers.
- Mainframe Security: Experience with IBM Mainframe encryption (TKE, UKO, SGKLM).
- Identity & Access Management: Skilled in identity management, provisioning, authentication, authorization, and HSPD-12 compliance.
- Incident Response & Forensics: Proficient in responding to security breaches, conducting forensic investigations, and deploying incident response measures.
- Security Tools: Experience with encryption, firewalls, intrusion detection systems, and other security measures.
- Automation & Scripting: Expertise in automating security processes, managing certificate renewals, and scripting security measures.
RESPONSIBILITIES: - Lead and enhance PKI program, ensuring alignment with compliance and regulatory requirements while supporting strategy, governance, implementation, and ongoing operations.
- Collaborate with system owners, business teams, and IT stakeholders to provide best-in-class PKI security strategies, driving long-term business objectives.
ADDITIONAL EXPERIENCE & RESPONSIBILITIES: - Design, test, evaluate, implement, and manage security systems to protect the organization's information assets.
- Collaborate with the technical team to recover data after security breaches and implement data recovery strategies.
- Configure and install firewalls, intrusion detection systems, and other security mechanisms to safeguard the infrastructure.
- Create and maintain security automation scripts to track and handle incidents efficiently.
- Perform vulnerability testing, risk analysis, and security assessments to identify and mitigate potential threats.
- Develop and implement disaster recovery plans and ensure business continuity in the event of security failures.
- Train and guide staff on security awareness and best practices, fostering a culture of cybersecurity within the organization.
"All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran."