Offensive Security Engineer
U.S. Bank
Cleared Cybersecurity Engineer, TS/SCI
Ampsight
full-time
Posted on:
Location: Virginia • 🇺🇸 United States
Visit company websiteJob Level
Mid-LevelSenior
Tech Stack
AnsibleAWSAzureCloudCyber SecurityFirewallsPythonTCP/IPTerraformTypeScriptVMware
About the role
- Cloud security implementations leveraging VM-Series firewalls, Prisma Access, and Prisma Cloud for AWS, Azure, and hybrid deployments.
- Conduct network and system evaluations from a security standpoint; analyze log data, packet captures, and threat reports to identify risks.
- Lead data center to cloud migration project(s), ensuring secure architecture and successful delivery.
- Implement and tune vulnerability management programs to remediate high-risk exposures, especially on public-facing assets.
- Design, deploy, and optimize Networks, including VPNs, threat prevention, App-ID, User-ID, and Content-ID features.
- Upgrade legacy security tools with modern endpoint and firewall solutions to reduce false positives and enhance visibility.
- Automate operational tasks using scripting tools (Python, Ansible, or Terraform) for firewall and cloud security configuration.
- Produce technical documentation, runbooks, and deliver knowledge transfer sessions for cross-functional teams.
Requirements
- 3 + years of experience in cybersecurity engineering, with a focus on network and cloud security.
- Hands-on expertise with network firewalls.
- Strong understanding of networking protocols (TCP/IP, BGP, OSPF, IPSec, SSL/TLS).
- Experience with DevSecOps practices and automation tools (Python, Shell Script, Ansible, Terraform).
- Proficiency with SIEM platforms for log analysis and monitoring.
- Cloud Security knowledge and experience across AWS, Azure, or hybrid environments.
- Familiarity with STIG compliance, PKI implementation, and vulnerability management.
- Virtualization experience with VMware and VDI.
- Top Secret Security Clearance (SCI Eligible) required.
