The U.S. Pharmacopeial Convention (USP) Senior Security Engineer in Rockville, Maryland

Senior Security Engineer

Tracking Code


Job Description

The Senior Security Engineer serves as key individual contributor on the Information Technology (IT) Security team. As part of the IT Security team, the Senior Security Engineer will help support USP’s global public health mission by protecting critical computing assets, securing sensitive data, and working with the Global IT teams to provide security monitoring and incident response.

The Senior Security Engineer is responsible for implementing, monitoring, and supporting security-focused systems. Other responsibilities include: ensuring systems and networks have adequate security to prevent unauthorized access; working as part of the security operations team for USP; developing metrics and reports to share with system owners and administrators regarding the efficacy of security controls and policies; and the creation and maintenance of security documentation. In addition to the tactical operational duties, the position will also engage in projects to implement new technologies and to enhance organizational security capabilities.

Roles and Responsibilities

  • Engineer, implement, and monitor security controls for the protection of global computer systems, networks, and information

  • Identify, recommend, and implement appropriate technical solutions to mitigate security vulnerabilities, monitor for malicious activity, and automate repeatable tasks

  • Management, configuration, and administration of commercial firewall products such as Palo Alto, Cisco ASA, or Checkpoint

  • Deployment, maintenance, and operational use of security systems, including intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, and related technologies

  • Coordinate and support the implementation of security controls across the global USP sites

  • Provide guidance and implement security controls for cloud-based infrastructure and services

  • Identify and define system security requirements

  • Prepare and document standard operating procedures

  • Configure and troubleshoot security infrastructure devices

  • Identify and implement security orchestration and automation cases

  • Perform security monitoring and incident response

  • Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement

  • Collaborate with other IT groups to address operational issues

  • Other duties as assigned

Basic Qualifications

  • Bachelor’s degree in Information Technology or a relevant field required

  • 3-5 years of experience in IT security for a mid-large size organization

  • Equivalent combination of education and relevant experience may be considered

Preferred Qualifications

  • GCIH, GCIA, GMON certifications preferred

  • Proficiency at the command line for both Linux and Windows environments

  • Proficiency with scripting in one or more of the following: PowerShell, Python, bash

  • Proficiency with vulnerability scanning tools such as Nessus

  • Proficiency with Intrusion Detection Systems such as Snort or Suricata

  • Experience supporting Security Onion deployments

  • Experience in performing data analysis using tools such as Splunk or Elasticsearch/Kibana

  • Familiarity with the NIST Cybersecurity Framework (CSF), the CIS Critical Security Controls, the Mitre ATT&CK framework, and similar security resources

  • Familiarity with web related technologies (Web applications, Web Services and of network/web related protocols

  • Experience implementing security controls for information systems

  • Problem solving skills and the ability to work under pressure

  • Ability to produce quality documents, procedures, reports, and other written documentation

  • Excellent communication skills

  • Experience handling multiple projects simultaneously in a dynamic, deadline-oriented environment with ability to reach decisions in a timely manner

  • Demonstrated analytical skills to critically evaluate the information gathered from multiple sources, reconcile conflicts, decompose high-level information into details, abstract up from detailed information to a more general understanding

  • Able to work flexible hours when needed. In addition to normal business hours of 8:30 a.m. 5:00 p.m. Monday through Friday, serves on a team to provide 24 hour a day, 7 days a week response to emergency alarm calls and can be available on short notice to support requests during unusual hours, especially early or late in the day during the business week.

Supervisory Responsibilities


USP offers an impressive benefits package , including:

  • Generous paid time off – 13 paid holidays, 10 sick days and 15 vacation days per year to start

  • An annual 401(k) contribution, beginning after 1 year of service, of 10% of pay (base and bonus) every pay period that vests immediately

  • Comprehensive individual and family healthcare plans with affordable premiums and low annual deductibles ($250/individual or $500/family)

The U.S. Pharmacopeial Convention (USP) is a scientific nonprofit organization that sets standards for the identity, strength, quality, and purity of medicines, food ingredients, and dietary supplements manufactured, distributed and consumed worldwide. USP’s drug standards are enforceable in the United States by the Food and Drug Administration, and these standards are used in more than 140 countries.

Being a part of USP means belonging to a diverse culture made up of more than 1,000 talented professionals working together at five international locations. We share our expertise in science, IT, human resources, quality assurance, communications, administrative management, and more...all to support an overall mission dedicated to making a difference by providing standards and programs that help improve the quality of medicines, dietary supplements, and foods worldwide.

USP is proud to be an equal employment opportunity employer (EEOE) and affirmative action employer. Employment selection and related decisions are made without regard to sex, race, age, disability, religion, national origin, color, veteran status, sexual orientation, gender identity or any other protected class. We are committed to working with and providing reasonable accommodation to individuals with disabilities.

USP does not accept unsolicited resumes from 3rd party recruitment agencies and is not responsible for fees from recruiters or other agencies except under specific written agreement with USP.

Job Location

Rockville, Maryland, United States

Position Type


Job Category Information Technology