Senior Security Engineer

GridIron IT is hiring a Senior Security Engineer to work on a remote basis.

This role offers the exciting opportunity to manage vulnerabilities, conduct security scans using leading tools, and oversee the security infrastructure. You'll gain a strong understanding of FedRAMP and compliance frameworks to maintain high-security standards for our multinational environment.

Job Duties:
Implement and manage vulnerability assessments using Nessus, Burp Suite, and other security tools.
Take ownership of the FedRAMP Plan of Action and Milestone (POAM).
Refine and oversee the Web Application Firewall (WAF) for robust threat protection.
Collaborate actively within the Incident Response Team to address and mitigate security incidents promptly.
Conduct thorough log reviews and security impact assessments to ensure continuous operational integrity.
Advocate for security best practices across the organization, ensuring alignment with FedRAMP and other compliance frameworks.
Engage in a collaborative, multicultural team setting, fostering knowledge sharing and effective communication.
About the Team
Join this elite team of security experts. While overseeing security infrastructure, this team plays a vital role in a culture that values innovation, teamwork, and personal development.

Requirements:
US Citizenship is required for this role due to federal contractor compliance requirements.
Experience with security and compliance frameworks, especially FedRAMP.
Experience with FedRAMP continuous monitoring.
Proficiency in vulnerability management tools like Nessus and Burp Suite.
Strong knowledge of Security Information and Event Management (SIEM) solutions such as Splunk.
Working knowledge of cloud technologies such as AWS and Microsoft Azure.
Ability to contribute effectively to Incident Response and perform detailed log analysis.
Excellent communication skills and the capacity to work productively in a team-oriented, collaborative environment.
Minimum of 5 years in a security role with vulnerability management experience.

Preferred Skills:
A degree in Cybersecurity, Information Technology, Computer Science, or related fields.
Advanced knowledge and experience with WAF management.
Relevant cybersecurity certifications (e.g., CISSP, CEH, GIAC).
Experience in collaborative multinational team environments.
Practical understanding of application security and cloud-native technologie