Come work at a place where innovation and teamwork come together to support the most exciting missions in the world!
The Cyber Fusion Center (CFC) is seeking a highly motivated Senior Security Engineer to join our Infrastructure Security team. This role is ideal for an experienced Linux Infrastructure Engineer with a strong foundation in Linux administration, automation, and production operations, along with exposure to enterprise security technologies. The selected candidate will play a key role in managing and securing the critical infrastructure that protects the Qualys platform while developing expertise in Identity & Access Management (IAM), Public Key Infrastructure (PKI), Privileged Access Management (PAM), Secrets Management, and Secure Access platforms.
Key Responsibilities
1. Linux Infrastructure Administration
- Administer, maintain, and troubleshoot Linux servers across production and non-production environments.
- Perform operating system installation, configuration, upgrades, patching, and lifecycle management.
- Monitor system health, availability, performance, and capacity.
- Perform Linux OS hardening using industry best practices and security benchmarks.
- Manage users, groups, permissions, storage, networking, services, and system resources.
- Perform vulnerability remediation and security patch management.
- Support high availability, disaster recovery, and infrastructure resiliency initiatives.
- Create and maintain technical documentation and operational runbooks.
2. Security Infrastructure Administration
- Assist in managing and maintaining enterprise Identity and Access Management (IAM) platforms.
- Support LDAP/LDAPS infrastructure and enterprise authentication services.
- Learn, administer, and maintain ForgeRock/Ping Identity solutions.
- Support enterprise Public Key Infrastructure (PKI) including certificate lifecycle management.
- Assist with certificate issuance, renewal, revocation, and automation.
- Support Privileged Access Management (PAM) solutions and privileged account lifecycle management.
- Assist in managing Secrets Management platforms and secure credential storage.
- Support secure remote access infrastructure such as Teleport.
- Participate in infrastructure upgrades, migrations, and platform lifecycle management.
3. Automation & Infrastructure as Code
- Develop automation using Bash, Python, or PowerShell scripting.
- Build and maintain automation using Ansible, Terraform, Puppet, or similar tools.
- Automate infrastructure provisioning, configuration management, and operational activities.
- Contribute to Infrastructure as Code (IaC) repositories and CI/CD pipelines.
- Continuously improve operational efficiency through automation.
4. Security Operations & Incident Management
- Participate in 24x7 on-call support rotation for critical security infrastructure.
- Troubleshoot production incidents and restore services within defined SLAs.
- Perform Root Cause Analysis (RCA) and implement preventive measures.
- Collaborate with Engineering, Operations and other stakeholders during incident response.
- Drive operational excellence through continuous service improvements.
5. Security Compliance & Best Practices
- Implement and maintain infrastructure security best practices.
- Support vulnerability remediation across managed infrastructure.
- Assist with internal and external security audits.
- Ensure infrastructure complies with organizational security standards and regulatory requirements.
- Maintain operational procedures, architecture documentation, and standard operating procedures.
Required Qualifications
- Bachelor's degree in Computer Science, Information Technology, Information Security, Engineering, or equivalent practical experience.
- 3–5 years of hands-on Linux administration experience supporting enterprise production environments.
- Strong experience with Linux distributions such as Red Hat Enterprise Linux (RHEL), Oracle Linux, Ubuntu, or CentOS.
- Strong understanding of Linux administration including:
- User and group management
- Filesystem administration
- Storage management (LVM)
- System services (systemd)
- Networking
- Performance tuning
- SSH
- SELinux
- Security hardening
- Patch management
- Good understanding of TCP/IP networking, DNS, SSL/TLS, SSH, firewalls, and load balancing.
- Experience with virtualization platforms such as VMware.
- Hands-on scripting experience using Bash and/or Python.
- Experience with automation tools such as Ansible, Terraform, Puppet, or Jenkins.
- Strong troubleshooting and analytical skills.
- Excellent verbal and written communication skills.
- Ability to work independently and in a collaborative team environment.
- Willingness to participate in a 24x7 on-call support rotation.
Preferred Certifications
- RHCSA / RHCE
- CompTIA Security+
- CISSP
- Linux+
- AWS / OCI / Azure Cloud Certifications
- HashiCorp Vault Associate
- Ping Identity or ForgeRock Certifications
What You'll Gain
- Hands-on experience managing enterprise Identity & Access Management (IAM), Public Key Infrastructure (PKI), Privileged Access Management (PAM), Secrets Management, and Secure Access platforms.
- Exposure to enterprise scale security infrastructure supporting a global SaaS platform.
- Opportunities to work with cloud native security technologies and automation.
- A collaborative environment focused on innovation, operational excellence, and continuous learning.
- Career growth into a specialized Infrastructure Security Engineer within the Cyber Fusion Center.