Cyber Senior Systems Engineer

Pantex


Job Location:

Amarillo, TX - USA

Monthly Salary: Not Disclosed
Posted on: 6 hours ago
Vacancies: 1 Vacancy

Job Summary

Location: Amarillo TX - Pantex Plant
Job Title: Cyber Senior Systems Engineer
Career Level From: Senior Associate
Career Level To: Specialist
Organization: Cyber Operations ()
Job Specialty: Cyber Security

What You'll Do

Pantex is seeking a highly skilled and motivated Senior Systems Engineer with a specialized focus on Cybersecurity Operations. In this critical role, you will be the cornerstone for designing, implementing, and optimizing the vital infrastructure that secures our enterprise. We are looking for a seasoned System Engineer with a profound operational understanding of cybersecurity principles, capable of transforming complex security requirements into robust, scalable, and resilient technical solutions across on-premise, cloud, virtualized, and containerized environments. You will be instrumental in developing, maintaining, and enhancing the proactive defense and rapid response mechanisms that protect our organization from an ever-evolving threat landscape.

Your core responsibilities will include:

  • Cybersecurity Operations Platform Engineering: Lead the engineering, deployment, and operational sustainment of core cybersecurity platforms. This includes serving as a subject matter expert for Splunk (Enterprise Security highly desired), optimizing its performance for security logging, correlation, and advanced threat detection. You will also manage and enhance Cisco network security devices (e.g. Firewalls, Intrusion Prevention System (IPS), Proxies), Corelight Open Network Detection and Response (NDR) platform sensors, and critical network visibility infrastructure like Gigamon packet brokers and other (NDR) platforms.
  • Secure System Architecture & Hardening (Linux/Windows/Red Hat): Architect and implement secure configurations and hardening standards for enterprise operating systems, with a strong focus on Red Hat Enterprise Linux and Microsoft Windows Server. You will ensure the resilience and integrity of these systems in support of cybersecurity operations.
  • Cloud Security Operations & Infrastructure (Azure/M365): Design, implement, and maintain the operational security posture within our Azure/M365 environment. This includes managing secure configurations, implementing and monitoring cloud security controls, and integrating cloud-native security services with our broader security operations framework.
  • Advanced Virtualization & Container Security Engineering: Develop and implement operational security for Virtual Desktop Infrastructure (VDI), virtualized platforms, and containerized environments (e.g. Docker, Kubernetes). You will engineer solutions for secure image deployment, runtime protection, and integration of container security into monitoring and response workflows.
  • Endpoint Security Management & Automation: Engineer, deploy, and manage enterprise-wide Endpoint Detection and Response (EDR) platforms. You will be responsible for creating, automating, and optimizing security policies, ensuring effective endpoint protection, detection, and integration with incident response playbooks.
  • Email Security System Ownership: Own the engineering, configuration, and operational management of enterprise Email Security Gateways (e.g. Cisco Secure Email / IronPort). You will develop and enforce advanced email security policies to combat phishing, malware, and other sophisticated threats impacting our users.

What You'll Do Continued

  • Proactive Threat Detection, Hunting & Incident Response Integration: Collaborate with security analysts and incident responders to enhance our threat detection capabilities. You will engineer and automate data collection, correlation rules within Splunk, and operationalize threat intelligence to support proactive threat hunting and rapid incident response, leveraging rich network evidence from platforms like Corelight and Gigamon.
  • Network Security Infrastructure & Data Flow Optimization (Cisco, Corelight, Gigamon Focus): Design and optimize network security infrastructure, including Cisco devices, Corelight sensors, and Gigamon packet brokers, to ensure comprehensive visibility and efficient data flow for security monitoring. You will apply advanced knowledge of networking protocols (e.g. Transmission Control Protocol/Internet Protocol (TCP/IP), Domain Name Server (DNS), Hypertext Transfer Protocol Secure (HTTP/S), Simple Mail Transfer Protocol (SMTP)) for analysis and defense, utilizing Corelight's deep packet insights and Gigamon's traffic optimization capabilities.
  • Application Security Operations Support: Provide operational support for Application Security Testing (AST) platforms (e.g. Burp Suite) and Web Application Firewalls (WAFs), translating application security findings into actionable system-level defenses.
  • Enterprise Vulnerability Management & Remediation Engineering: Design and implement automated processes for vulnerability scanning, analysis, and remediation tracking across all IT assets. You will engineer solutions to efficiently address vulnerabilities identified in systems, applications, and networks.
  • Security Controls Engineering & Effectiveness: Translate security architecture requirements into robust operational security controls across various technologies. You will continuously assess their effectiveness and optimize their performance within the operational environment.
  • Automation & Integration for Security Operations: Lead initiatives for automating security tasks, integrating disparate security tools, and developing scripts to streamline security operations workflows, enhancing overall efficiency and response times, including leveraging data from Corelight and Gigamon for automated responses.

Who You Are

  • A Hands-On Security Operations Leader: You are a highly experienced Systems Engineer with a deep operational understanding of cybersecurity. You are passionate about building and securing robust infrastructure, and ready to lead by example.
  • Proactive & System-Oriented Problem-Solver: You possess an exceptional ability to anticipate complex security challenges within systems and networks, proactively identify issues, and engineer practical, scalable solutions.
  • Deep Technical Expertise: You bring a profound skill set in system administration, networking, and security tool engineering, with verified experience in Splunk, Cisco, Corelight, Gigamon, and Red Hat.
  • Autonomous & Adaptable Engineer: You are a self-starter who consistently seeks to deepen technical knowledge and adapt solutions to an ever-changing threat landscape and evolving technologies.
  • Analytical & Detail-Oriented: You excel at dissecting complex system and security data, identifying root causes, and implementing precise, effective operational changes, including analyzing rich network telemetry from Corelight and traffic data from Gigamon.
  • Effective Communicator & Collaborator: You can clearly articulate complex technical system and security challenges and solutions to both technical and non-technical audiences, fostering strong collaboration across engineering and security teams.

Preferred Skills & Expertise

  • Expert-level engineering and operational management of Splunk, especially Splunk Enterprise Security (ES), for security logging, correlation, and advanced threat detection.
  • Proven hands-on experience with Cisco network security devices, including firewalls, IPS, and proxy solutions, with a strong emphasis on operational configuration and troubleshooting.
  • Extensive experience in system administration, hardening, and securing enterprise operating systems, including deep expertise with Red Hat Enterprise Linux and Microsoft Windows Server environments.
  • Demonstrated experience with Corelight sensors and the Corelight Open NDR platform, including deployment, configuration, optimization, and leveraging its network telemetry for advanced threat detection and incident response.
  • Proven experience with Gigamon packet brokers (GigaVUE Fabric Manager, GigaSMART features for traffic mapping, deduplication, slicing, and tool load balancing), including deployment, maintenance, and integration with security tools like Security Information and Event Management (SIEM) and Intrusion Detection Systems and Intrusion Prevention Systems (IDS/IPS) systems.
  • Strong experience in designing, implementing, and securing cloud environments, particularly Azure/M365, including Azure Security Center, Entra ID, and cloud-native security controls.
  • Proficient engineering skills for Endpoint Detection and Response (EDR) platforms (e.g. CrowdStrike, SentinelOne, Microsoft Defender for Endpoint), including policy creation, automation, and incident response integration.
  • Demonstrated experience with Email Security Gateway solutions (e.g. Cisco Secure Email / IronPort), including advanced policy configuration to prevent phishing and malware.
  • Solid experience in engineering and operationalizing security for virtualized environments (e.g. VMware, Hyper-V) and Virtual Desktop Infrastructure (VDI).
  • Deep practical experience in securing containerization and orchestration technologies (e.g. Docker, Kubernetes), including image scanning, registry security, and runtime protection for operational environments.
  • Advanced understanding of networking protocols (e.g. TCP/IP, DNS, HTTP/S, SMTP) and significant experience using tools like Gigamon packet brokers and Corelight sensors for network traffic analysis and security monitoring.
  • Ability to perform vulnerability scans, analyze results from an operational perspective, and engineer effective remediation strategies across diverse system types.
  • Strong scripting and automation skills (e.g. Python, PowerShell, Bash) to streamline security operations tasks and integrate security tools, potentially leveraging data from Corelight and Gigamon for automated responses.
  • Experience with Application Security Testing (AST) tools (e.g. Burp Suite) and Web Application Firewalls (WAFs) from an operational management and configuration standpoint.
  • Ability to design and validate security controls to meet operational objectives across various technological landscapes.
  • Knowledge of critical infrastructure systems and associated information communication technology security considerations.
  • Proven ability to design and implement robust system access controls for sensitive information systems and networks.
  • Experience with technology integration processes, especially in complex hybrid, virtualized, and containerized environments.
  • Familiarity with industry standards and frameworks (e.g. NIST, ISO 27001) as they apply to operational cybersecurity.

Minimum Job Requirements

  • Bachelor's degree in engineering/science/information technology discipline: Minimum 2 years of relevant experience. Typical engineering/science/information technology experience ranging from 3 to 7 years.
  • OR Master's degree in engineering/science/information technology discipline.
  • OR applicants without a bachelor's degree may be considered based on a combination of at least 10 years of completed education and/or relevant experience.

Department of Energy (DOE) Order 426.2A Requirements

  • Not Applicable

Preferred Job Requirements

  • A minimum of 7 years of hands-on experience in Systems Engineering, with a significant focus on Cybersecurity Operations.
  • Demonstrated experience and/or certifications in Splunk, Cisco network security, Corelight, Gigamon packet brokers, and Red Hat Enterprise Linux.
  • Relevant advanced industry certifications such as Corelight Certified Engineer, Gigamon Certified Professional, Splunk Enterprise Certified Admin/Architect, Cisco Certified Network Professional Security (CCNP Security), Red Hat Certified Engineer (RHCE), Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA).
  • Extensive experience with Splunk Enterprise Security (ES) implementation and optimization.
  • Experience with security automation and orchestration platforms (SOAR).
  • Demonstrable expertise in architecting and implementing Data Loss Prevention (DLP) strategies and technologies.
  • Proven background in designing and enforcing Data Protection principles and navigating complex regulatory compliance frameworks related to operational data security.
  • Experience in a senior engineering role within a Security Operations Center (SOC) environment, leveraging Corelight and Gigamon for advanced analysis.

#JointheMission: Your Impact Starts Here

At Pantex, you won't just find a job; you'll discover a career of purpose, safeguarding national security through work performed nowhere else on Earth. We empower dedicated, innovative individuals like you to achieve their greatest impact, surrounded by exceptional talent and limitless opportunities for professional growth.
When you #JointheMission, you choose a lifetime career where your commitment is genuinely valued and rewarded. At Pantex, we believe that extraordinary talent thrives when supported by a balanced life. Discover the flexibility that empowers you to excel, coupled with a benefits package designed for your total peace of mind, from comprehensive health coverage and robust retirement planning to opportunities for continuous learning through education reimbursement.

Notes

The minimum education and experience for the lowest career level in the job posting range are listed under Minimum Job Requirements. Successful candidates hired into a higher career level than the minimum in the range must meet the requirements listed in the job leveling charts for the career level into which they are being hired.
If a range of Career Levels is posted, i.e. Senior Associate to Senior Specialist, internal applicants already in one of the Career Levels would come across at their current Career Level. Internal applicants currently in a lower level Career Level would move to the lowest posted Career Level.
Requires a Q clearance; however, all qualified candidates will be considered regardless of their current clearance status. The ability to obtain and maintain a Department of Energy Q clearance is required.
Position may require entry into Materials Access Areas (MAA) and participation in the Human Reliability Program (HRP). If HRP is required, candidate must complete a counterintelligence-scope polygraph pursuant to 10 Code of Federal Regulations (CFR) 709. Medical requirements may apply.
Pantex is a drug-free workplace. Candidates accepting a job offer will be required to pass a pre-placement physical, drug screening, and background investigation. As an employee, you may be required to receive and maintain a security clearance from the United States Department of Energy in order to meet eligibility requirements for access to sensitive information or matter. U.S. citizenship is a requirement for security clearance applicants. All employees are subject to random selection for drug testing without advance notification.
Pantex is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, sex, age, religion, national origin, ancestry, genetic information, disability, or veteran status.

Required Experience:

Senior IC
