Cybersecurity Engineer                                           (JSDT0087)

Location: Washington, D.C. (No Telework)

Salary:  TBD

Clearance: Secret

Seeking a Cyber Security Engineer to support a Federal client located in Washington, DC. The individual must possess the ability to interact comfortably with technical and non-technical staff and adapt to changing schedules and requirements. It requires an individual capable of working within an environment committed to federal best practices, including software lifecycle management, change control, documentation, security and regulatory compliance. This position works closely with system and network administrators, software developers, database administrators, and project management staff supporting the cyber security and risk management goals of the ISSM..

 

The ideal individual will:

  • Have demonstrated knowledge of cyber security concepts, principles, and operations, an understanding of the NIST 800-series publications, and direct hands-on experience using a variety of computer and network security tools and utilities.

  • Working knowledge of Windows and Unix operating systems, ideally with some familiarity of scripting languages.

  • Install, manage and maintain security system platforms, tools and utilities.

  • Provide security monitoring, data/log analysis and reporting based on ISSM directed deliverables.

  • Perform scans to identify and assess vulnerabilities in IT systems including computers, networks, software systems, information systems, databases and applications.

  • Investigate and utilize new technologies and processes to enhance security capabilities and implement improvements.

  • Participate in development and integration of security products into system and network architecture.

  • Detail countermeasures, recommendations and business cases based on standard security principles, policies, standards, regulatory requirements and industry best practices.

  • Contribute to the development and/or enhancement of system defensive capabilities.

  • Research and prepare deployment strategies, implementation guides and schedules for security infrastructure components.

  • Assist with developing security standards for customer projects in accordance with NIST guidelines and security best practices.

  • Review security plans, processes, and strategies to identify areas for improvement or updates.

  • Develop technical presentations and/or white papers to the technical architecture team and ISSM.

 

Qualifications

  • 6+ years of experience executing security tasks in a direct, hands-on environment comprised of Unix and Microsoft Windows.

  • 5+ years of experience working with security tools in the following categories; network security monitoring, audit log monitoring, collection, and analysis, security information event management, vulnerability scanner, system integrity monitoring, and operating system baselines.

  • Able to learn new concepts, products and technologies on the job.

  • Self-starter and able to work with little or no direct supervision.

  • Excellent troubleshooting and problem solving skills.

  • Able to multi-task effectively.

  • Familiarity with host based and network based security concepts.

  • Knowledge of certification and accreditation processes.

  • Familiarity with vulnerability assessment tools and techniques.

  • Understanding of systems security engineering concepts, principles, and theories.

  • Working knowledge and ability to apply layered security architectures and designs.

  • Excellent written and verbal communication skills.

  • Effective in communicating issues, impacts, and corrective actions.

  • Ability to clearly report information relevant to sound systems security engineering design.

 

Preferences

  • CISSP, GIAC, MCSE, CCNA, CCNP, or CCSE or equivalent certifications.

  • Strong research and analytical skills with an ability to quickly learn new concepts and operationally apply them.

  • Experience with hardening/assessing UNIX security configurations.

  • Experience performing analysis/reporting with log management/aggregation tools.

 

To apply send resume to Norris@FlexSR.com

Attn CS Engr (JSDT0087)

 

www.CyberSecSource.com