• Senior Security Engineer

    Job Locations US-MD-Bethesda
    Job ID
    # of Openings
    Information Security/Cyber Risk
    Regular Full-Time



    Common Securitization Solutions, LLC ("CSS") is seeking a Senior Security Engineer in support of the Common Securitization Platform (CSP).

    How many times in your career do you get the opportunity to do something that’s never been done? To create something that will change an entire industry? CSS is building the Common Securitization Platform to issue and manage mortgage securities. We’re looking for people who can walk in two worlds – a start-up environment where development is collaborative and rapid; and a production environment where we run and monitor the performance of the platform. Longer-term, this platform could serve the entire US housing finance industry. Sound transformative? It is. Come join us and help create something remarkable.


    CSS is expanding its information security function and is looking to hire a Senior Security Engineer to design and enhance application and infrastructure security for a new financial services platform. We are seeking an experienced and knowledgeable expert who has proven design and deployment experience. The role involves working with platform developers and infrastructure engineers to secure the platform data and transactions. The role includes the opportunity to implement Security Services requirements for the platform. Security Services include, security monitoring, authentication, roles based access control, logging, privileged account management and password vaulting, web services security, web single sign on. This individual will be working in a high-performing technical environment.  A well-qualified candidate will be comfortable working both hands-on and at the architecture/design/development levels of a solution.

    The position provides an opportunity to participate in an energetic and fast paced environment using the latest in technology and tools to build and secure an advanced financial services processing platform running in a virtual cloud-based IaaS datacenter.




    Job Description:


    The Senior Security Engineer is responsible for hands-on design, engineer, configure and integrate system security solutions that provide confidentiality, integrity, availability, authentication, and non-repudiation to meet stated security control objectives.

    • Work closely with security architects to understand goals, determine security requirements, to design, and implement application and data security solutions to meet business objectives, IT strategic initiatives, corporate and regulatory requirements.
    • Coordinate with infrastructure and application development project teams to deliver solutions collaboratively, ensuring that corporate security policy, standards and industry best practices are met.
    • Drive the selection, POC, implementation and operational deployment of new security technology solutions to ensure the confidentiality, integrity and availability of business data
    • Develop disaster recovery and continuity of operations plans for new security systems under integration, and ensure testing prior to systems entering a production environment.
    • Deploy and configure technology, partnering with IT Infrastructure teams and vendor product professional service partners.
    • Stay current with developing technologies, emerging threat landscape and predict impact of changing technologies.
    • Coordinate with IT Operations team for the production readiness of security infrastructure solutions supporting mission critical production environments and applications.
    • Other duties as assigned.



    • BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field. Master’s Degree is a plus.



    • 6 years of security related engineering experience
    • Applicants must be authorized to work in the US without requiring employer sponsorship currently or in the future. CSS does not offer H-1B sponsorship for this position.


    Specialized Knowledge & Skills     

    • Demonstrated experience in defining security solutions for multi-tier cloud based application on AWS (S3, EC2, ELB, Subnet/AZ, IAM, KMS, CloudWatch)
    • Experience with the security tools listed below:
    • Authentication and roles based access control (AD, ADFS, SAML) (e.g. Ping Identity, Okta, OneLogIn, RSA, etc.)
    • PKI with certificate lifecycle management (e.g. Venafi)
    • Privileged Account Management & Password vaulting (e.g. CyberArk, Exceedium),
    • FileServer and Database encryption for data at rest (e.g. Vormetric)
    • Multifactor authentication (e.g. Google Authenticator, Duo)
    • Secure Database Query Tool (e.g. JackDB, Navicat, SQLPro)
    • AWS network security (IAM/Stacksets, Security Groups);
    • Firewalls (e.g. Fortigate, Cisco); Firewall Review tools (Firemon, Tufin)
    • Platform Security (RHEL, Windows, Database)
    • Scripting experience (Shell, Perl, PowerShell, CHEF Inspec)
    • Excellent interpersonal skills, presentation skills, and verbal / written communication skills
    • Self-starter; adaptable to change; motivated to set personal and program goals and proactively track performance against goals and initiatives



    As a condition of employment with Common Securitization Solutions, "CSS", any successful job applicant will be required to pass a pre-employment drug screen and to successfully complete a background investigation, which may also include a credit check for positions in some areas of our business.
    CSS is an Equal Opportunity Employer.





    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started.