National Rural Utilities Cooperative Finance Corporation
Details
Posted: 30-Oct-23
Location: Dulles, Virginia
Type: Full Time
Categories: Information Technology
Preferred Education: 4 Year Degree
Internal Number: 383
Join a member-driven leader in a fast-paced, challenging and collaborative environment with the shared mission of supporting America’s network of rural electric cooperatives. Since its formation in 1969, National Rural Utilities Cooperative Finance Corporation, or CFC, located in Dulles, Virginia, has provided capital and industry-leading financial products to more than 900 not-for-profit, consumer-controlled utility systems across the United States. Our exceptional team delivers the “CFC Difference” that encompasses our values of service, integrity and excellence in all our interactions.
CFC has a need for a Senior Cyber Security Engineer within our Business Technology Services group. This person will identify trends and patterns that could indicate the presence of threat actors, investigate identified or reported incidents, and contain and mitigate threats across all technology infrastructure. The Senior Engineer will mature the security operations and enhance security technologies and capabilities through the utilization of open-source security tools and the expansion of visibility, threat detection, response, the creation of runbooks, and SOAR activities. The Senior Engineer will collaborate across teams to ensure proper ingestion of security logs and lead the effort to operationalize log data.
As a Senior Cyber Security Engineer, you will:
• Lead incident response efforts including, but not limited to, investigation, artifact collection, escalation, containment, recovery, root-cause analysis, and drafting of incident reports.
• Conduct assessments of threats and vulnerabilities; determine deviations from acceptable configurations, enterprise or local policy; assess the level of risk; and develop and/or recommend appropriate mitigation countermeasures in operational and nonoperational situations.
• Develop Splunk dashboards, complex queries, event correlation, data enrichment, generation of alerts, and threat hunting activities.
• Deploy and implement cloud-centric assessments to detect and respond to threats in cloud environments like Amazon Web Services (AWS), Microsoft Azure, and SaaS applications.
• Establish and mature security hardening standards, advocate for changes in policies that support organizational cyber security initiatives and enhancements, and drive process improvement efforts.
• Collaborate with business partners to ensure security is factored into the evaluation, selection, design and configuration of hardware and software.
• Serve as a subject matter expert and participate in working group sessions to share knowledge and generate ideas for advancing security capabilities and achieving efficiencies.
• Develop, plan, coordinate, deliver and/or evaluate training courses, methods, and techniques as appropriate for team members within the pertinent subject domain.
• Plan, execute, and analyze penetration tests on various systems, networks, and applications to identify vulnerabilities and weaknesses.
To be successful, you will need:
• Bachelor’s degree in Computer Science, related field or equivalent work experience.
• Knowledge of Microsoft 365 security, Azure and AWS security.
• 8 years of combined experience in security engineering, incident management or SOC analysis.
• Exposure to working on red team/blue team, incident response and attack simulation.
• 6 years of hands-on experience across one or more detection and preventive controls such as NGFW, Proxy, IDS/IPS, EDR, XDR, CASB, A/V, DLP, or DNS Security.
• Proficiency in at least one scripting language (e.g., Python, PowerShell, Bash).
• Strong knowledge of security frameworks such as the MITRE ATT&CK framework.
• Advanced working knowledge of FireEye/Trellix Helix, NX, HX, and ETP.
• Advanced working knowledge of Carbon Black App Control (Bit9).
• Advanced knowledge of network security concepts and technologies such as VPN, firewalls, network monitoring, intrusion detection/prevention, cloud security, wireless security, content filtering, etc.
• Advanced knowledge of endpoint security, advanced persistent threat (APT), malware, and vulnerability management.
• Experience in Splunk Security Essentials preferred.
• Experience in Digital Forensics & Incident Response (DFIR) preferred.
• Strong familiarity with Elastic Stack (Elasticsearch, Logstash, and Kibana) preferred.
• Experience with developing advanced Cybersecurity Risk Metrics preferred.
• Experience with Palo Alto firewalls preferred.
• One or more certifications are preferred:
  - Certified Information Systems Security Professional (CISSP)
  - AWS Certified Security or AWS Certified Solution Architect
  - Microsoft Cybersecurity Architect Expert
  - Microsoft Security Operations Analyst or Microsoft Certified Azure Security Engineer Associate
We offer a comprehensive benefits package that includes annual incentive opportunities; a hybrid work environment; an employer-paid pension plan; 401(k); medical, dental and vision insurance; a generous leave policy; onsite gym; and more, all in a friendly, professional work environment. For additional information, please visit our website at www.nrucfc.coop. CFC is an Equal Opportunity Employer committed to workforce diversity.
About National Rural Utilities Cooperative Finance Corporation
The National Rural Utilities Cooperative Finance Corporation (CFC) was founded in 1969 by the rural electric cooperative industry. CFC is a nonprofit finance cooperative with more than $32 billion in assets that provides industry expertise, flexibility and responsiveness to more than 1,000 member-owners to help them meet their financial needs. At CFC, our members’ success is our success. Our commitment to our members goes beyond our work as a lender. In addition to our lending solutions, CFC offers treasury services, investment opportunities, financial models and tools, programs to support and promote the cooperative business model, and industry-leading events and training.