Senior Cybersecurity Engineer

November 22, 2024

Apply Now

Receive Emails with Similar Jobs

Rise8

WebsiteLinkedInAll Job Openings

Rise8 is a technology company that specializes in delivering critical software solutions for government agencies, particularly in the GovTech sector. The company is known for building, deploying, and utilizing complex, critical software at high speeds, often completing projects in under 180 days. Rise8's core capabilities include cloud and platform applications, cybersecurity, compliance, and product execution. They are focused on helping government agencies regain their tactical advantage by providing fast, innovative software solutions and bypassing bureaucratic status quos.

Agile Software Development • DevOps • Lean Product Management • User Centered Design • Digital Transformation

51 - 200 employees

🏛️ Government

📋 Description

• Secure cloud-based environments by designing and implementing native security solutions using services. • Drive Continuous RMF practices, automating control implementation and reporting through modern methodologies like Continuous Authorization to Operate. • Automate provisioning and configuration of IT environments using tools such as Terraform, Ansible, Puppet, and Chef. • Implement and manage security measures like firewalls, IDS/IPS, vulnerability scanning, encryption, and ICAM solutions. • Secure containerized and large-scale cloud production systems while responding effectively to security incidents. • Apply advanced cybersecurity concepts to protect systems, including threats, vulnerabilities, encryption, boundary defense, and risk management. • Establish and manage identity and access management policies, ensuring least-privilege access and cross-account role adherence. • Create and maintain engineering artifacts, such as network diagrams, data flow diagrams, installation procedures, and operational manuals. • Enforce cloud-native security best practices, leveraging frameworks like AWS’s Well-Architected Security Pillar • Collaborate with cross-functional teams to integrate Zero Trust principles into the broader security posture, aligning with DoD policies such as the Risk Management Framework (RMF) • Apply and operationalize RMF, FedRAMP, and DISA CC SRG controls, ensuring compliance with DoD Impact Levels. • Collaborate with cross-functional teams to integrate lean and agile practices into secure development lifecycles. • Train and mentor security engineers, fostering growth and upskilling of the cybersecurity practice team members. • Contribute to the continuous improvement of cybersecurity practices, ensuring systems are secure, scalable, and compliant. • Lead incident response efforts, conducting thorough root cause analyses and implementing post-mortem findings. • Work in a dynamic, collaborative environment that supports your professional development.

🎯 Requirements

• A background of 6-10 years of experience in cloud/platform operations or related roles, with a focus on implementing and maintaining secure and compliant systems in diverse environments. • Strong proficiency in securing AWS GovCloud and Azure GCC High environments, including applying security controls, conducting vulnerability scans, and ensuring compliance with DoD standards. • Expertise in container orchestration, specifically Kubernetes, with a focus on implementing security best practices, ensuring container runtime protection, and automating vulnerability scanning. • Expertise with monitoring and observability platforms, including integrating security monitoring tools and automating anomaly detection workflows. • Proven experience in incident management and troubleshooting large-scale distributed systems, with a focus on mitigating security incidents and performing root cause analysis for vulnerabilities. • Strong proficiency in Infrastructure as Code (IaC) tools, such as Terraform, including automating the implementation of security policies and controls within IaC pipelines. • Subject Matter Expertise in Linux Operating Systems administration, with a focus on hardening techniques, patch automation, compliance enforcement and bash scripting languages (Python, Bash, PowerShell) • Strong understanding of networking concepts and practical experience with securing technologies like Load Balancers, DNS, SSL, Firewalls, NAT, and NTP, including applying network-level security policies. • Excellent communication skills to articulate security risks, advocate for secure practices, and collaborate in team environments to address challenges effectively. • A proactive mindset for skill growth, tackling complex security tasks, and driving the implementation of cutting-edge cybersecurity practices. • A degree (BA/BS) in Computer Science, Cybersecurity, or a related field, or equivalent practical experience, with a focus on secure systems and automation.

🏖️ Benefits

• Flexible schedule in a 100% distributed workforce • Premium Insurance: We cover up to 100% of the employee premium and up to 80% of the combined dependent premium on our base health plan, depending on pay band. We also cover 100% of the premium for employee and dependent Dental and Vision as well as employee premiums for Life and Disability coverage. • Retirement: 401k match at 10% gross pay. • Paid time off (PTO): 4 weeks combined accrued vacation and sick leave, 10 Federal holidays, your birthday, jury duty, and bereavement. • Education & Training: Accrued budget of up to $3,500 per year for classes, travel, events, and materials. • Home Office and Merch: We offer $750 per year for home office technology and equipment as well as $100 per year for Rise8 merch from our Swag Store. • Wellness Budget: To encourage and support a well-rounded healthy lifestyle, we cover 100% reimbursement on a variety of wellness activities and products, up to $500 per calendar year. • Rise8 is part of the Life Time Corporate Partner program. In lieu of your $500 annual wellness benefit, you can instead get a $75 monthly credit towards a Life Time membership ($900 annual benefit). • Equipment: We offer a MacBook Pro