Security Engineer

Peraton is seeking an experienced and highly skilled Security Engineer to join our growing security team. The ideal candidate will bring years of hands-on experience in designing, implementing, and managing security solutions in a large, multi-tenant environment. In particular, this individual will have deep expertise in cloud security technologies, specifically within Azure and AWS environments, as well as experience with key security tools such as CrowdStrike, Splunk, and Tenable I.O.. Experience with additional EDR, SIEM, or vulnerability assessment tools is highly preferred.

The Security Engineer will be responsible for securing and monitoring cloud-based infrastructures, managing endpoint security solutions, and working with vulnerability management tools to ensure the organization’s security posture is robust and proactive. This is an excellent opportunity for a seasoned security professional with a strong background in networking, application security, and security operations to make a meaningful impact on a large-scale enterprise environment.

Day to Day Work Responsibilities:

• Cloud Security:
  • Design, implement, and manage security controls in AWS and Azure cloud environments, including identity and access management (IAM), encryption, networking security, and monitoring.
  • Ensure cloud security best practices are followed and leverage native security tools (e.g., AWS Security Hub, Azure Security Center) alongside third-party solutions.
  • Implement cloud infrastructure security monitoring, ensure proper segmentation and access control policies, and safeguard cloud workloads and data.
• EDR and Endpoint Security:
  • Hands-on configuration, management, and troubleshooting of CrowdStrike (or other endpoint detection and response tools), ensuring optimal endpoint protection across the enterprise.
  • Work with internal teams to monitor and respond to security alerts, review threat intelligence data, and escalate or remediate incidents as necessary.
  • Tune EDR systems to improve detection capabilities, reduce false positives, and enhance incident response effectiveness.
• SIEM Management and Incident Response:
  • Administer, configure, and maintain Splunk or other SIEM platforms for comprehensive event logging, correlation, and analysis.
  • Develop and tune Splunk queries and dashboards to enhance visibility into security events and incidents.
  • Support incident response by leveraging SIEM data to investigate alerts, conduct forensics, and assist in the triage and resolution of security incidents.
• Vulnerability Management:
  • Implement and manage vulnerability assessment tools, primarily Tenable I.O., to perform scans and identify weaknesses across enterprise systems, applications, and networks.
  • Collaborate with vulnerability management teams to prioritize and remediate vulnerabilities, track mitigation efforts, and verify that vulnerabilities are properly addressed.
• Security Architecture and Design:
  • Work closely with architecture and development teams to design secure systems, applications, and networks, with a focus on preventing vulnerabilities and improving system resilience.
  • Provide security input and guidance during the development lifecycle, ensuring secure coding practices and the proper use of security controls.
• Network Security:
  • Apply your expertise in network security to configure and maintain secure network architectures, including firewalls, VPNs, proxies, and intrusion detection/prevention systems (IDS/IPS).
  • Work to detect, prevent, and respond to network-based threats and anomalies.
  • Understand and implement network segmentation, micro-segmentation, and secure access policies to minimize attack surfaces.
• Automation and Integration:
  • Automate repetitive security tasks, improve security operations workflows, and integrate security solutions to streamline monitoring, alerting, and incident response.
  • Implement and manage security orchestration, automation, and response (SOAR) solutions to improve incident detection and response times.
• Security Monitoring and Threat Intelligence:
  • Continuously monitor cloud and on-premise infrastructures, endpoints, and networks for threats using advanced security monitoring tools.
  • Analyze threat intelligence feeds to identify emerging risks and proactively implement measures to defend against new attack vectors.
  • Stay updated on the latest threat trends, vulnerabilities, and exploit techniques, and share knowledge with other team members.
• Collaboration and Documentation:
  • Work closely with cross-functional teams (engineering, IT, operations, etc.) to ensure security best practices are integrated throughout the organization's systems, applications, and processes.
  • Maintain detailed documentation of security architecture, configurations, processes, and incident reports for audit and compliance purposes.
  • Provide training, mentorship, and guidance to junior security team members.

Basic Qualifications:

• 8 years experience with a Bachelors degree or 12 years experience with a HS Diploma
• Minimum of 8 years of professional experience in security engineering or a similar role in a large, multi-tenant environment.
• Hands-on experience in cloud security with AWS and Azure, including managing IAM policies, securing cloud infrastructure, and implementing cloud security best practices.
• Proficient with EDR tools such as CrowdStrike and experience in the deployment, configuration, and troubleshooting of endpoint security solutions.
• Strong expertise with SIEM platforms, especially Splunk, for security event management, monitoring, and incident response.
• In-depth knowledge of vulnerability assessment tools, particularly Tenable I.O., and experience running scans, interpreting results, and remediating vulnerabilities.
• Strong background in networking technologies (TCP/IP, DNS, HTTP/HTTPS, VPNs, firewalls, etc.) and network security protocols (SSL/TLS, IPSec, etc.).
• Proficient with operating systems (Linux, Windows, Unix) and their associated security controls.
• Experience with application security, including secure coding practices, vulnerability scanning, and threat modeling.

Preferred Qualifications:

• Bachelor’s degree in Computer Science, Information Security, Network Engineering, or related STEM field
• Familiarity with security automation and orchestration platforms (e.g., SOAR solutions).

•  Certifications (one or more of the following is a plus):
• CISSP (Certified Information Systems Security Professional)
• AWS Certified Security – Specialty
• Azure Security Engineer (Microsoft Certified: Azure Security Engineer Associate)
• CEH (Certified Ethical Hacker)
• CompTIA Security+ or other relevant security certifications.
• Experience with other EDR, SIEM, or vulnerability management tools such as Palo Alto Networks, Rapid7 Nexpose, or Qualys is a plus.
• Familiarity with container security (e.g., Docker, Kubernetes) and securing CI/CD pipelines.
• Excellent problem-solving skills, with the ability to investigate complex security incidents and root causes.
• Strong communication skills, both written and verbal, with the ability to explain complex security concepts to technical and non-technical stakeholders.
• Ability to work in a fast-paced environment, manage multiple priorities and meet deadlines. 

Working Conditions:

• Full-time position located at [Insert location] or available for remote work based on company policies.
• Occasional on-call availability for critical security incidents.
• Collaborative, fast-paced work environment with opportunities for continuous learning and career development.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can’t be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we’re keeping people around the world safe and secure.