ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking a Security Engineer who has experience developing and carrying out information security plans and policies in the federal market. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market. Roles and Responsibilities Perform research and assess the impacts of system modifications and technological advances on the systemrsquos security Review system security documentation in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes and document security relevant changes Develop strategies to respond to and recover from a security breach Develop or implement open-sourcethird-party tools to assist in detection, prevention and analysis of security threats Awareness training of the workforce on information security standards, policies and best practices Implement protections Installation and use of firewalls, data encryption and other security products and procedures Conduct periodic network scans to find any vulnerability Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses Monitor networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior Investigate security breaches Apply federal and organizational directives to manage system security operations. Support federal information system documentation to include System Security Plan (SSP) Security Concept of Operations (SECONOPs), Architectural overviews System Security Standard Operating Procedures (SOP) documents for performing assessmentssecurity activities. System configurations for devices and software performing security-relevant functions Vulnerability and penetration test results Security incident reports System security performance metrics Report on threat actor capabilities in order to clarify the details of security requirements or approaches and to implement solutions Support source code analysis Required Skills Technical skills include Expertise in anti-virus software, intrusion detection, firewalls and content filtering Knowledge of risk assessment tools, technologies and methods Expertise in designing secure networks, systems and application architectures Planning, researching and developing security policies, standards and procedures System administration, supporting multiple platforms and applications General skills include The ability to multi-task A keen eye for detail Strong organizational skills The ability to thrive in fast-paced, high-stress situations The ability to communicate network security issues to peers and management Desired Skills Expertise with mobile code, malicious code, and anti-virus software Endpoint security solutions, including file integrity monitoring and data loss prevention Cloud (AWS, Azure, etc.) platform as a service (PaaS) security Automating security testing tools Education Requirement A bachelorrsquos degree in Computer Science or other Engineering or Technical Discipline Years of Experience Requirement 5 years of information security experience with a focus on network, application and architecture. Specific Information Security related experience including encryption, IDSIPS, Firewalls, SEIMs and Log Management, syslog analysis, HTTP and TCPIP analysis, and vulnerability assessment. Knowledge of email security gateway, cloud and virtual technologies. In-depth knowledge of mapping business requirements to technology and ability to identify security gaps at the architecture level. Knowledge of common security vulnerabilities such as XSSCSRF, SQL Injection, Buffer Overflow, and DoS attacks. Knowledge of the HTTP protocol, including analyzing the requestresponse. Certification Requirement Certified Information Systems Security Professional (CISSP), Certified Information System Auditor (CISA), Certified Information Security Manager (CISM) or other equivalent certifications preferred Security Clearance Requires Top Secret Current DHS EOD