Cybersecurity Engineer                                           

 

Location: Washington DC, NW 20220 

Employment Type: FTE (with benefits)

Salary: TBD

Clearance: Active Secret

Government Customer: Yes

Seeking a Security Engineer to support a Federal client located in Washington, DC. This individual must possess the ability to interact comfortably with technical and non-technical staff. This position works closely with the ISSM and is responsible for assisting in the implementation and maintenance of technical controls and programs in support of FISMA and other federal directives.

 

The ideal individual will be responsible for the following:

  • Provide highly technical, specialized guidance and solutions to complex security problems.

  • Execute vulnerability management program with configuration and execution of vulnerability scanning tools.

  • Perform security monitoring and provide management/analysis of security log aggregation tools.

  • Work closely with members of the Technical Architecture team to ensure security initiatives are in place and maintained.

  • Research and prepare deployment strategy, implementation guide and schedule for security infrastructure components.

  • Develop technical presentations and/or white papers to the technical architecture team.

  • Provide technical support for remediation activities and deploy appropriate countermeasures, based on results provided via the quarterly vulnerability matrix.

  • Ensure infrastructure protection through quarterly/monthly vulnerability testing. 

  • Administer, maintain and monitor the auditing infrastructure supporting operational and compliance reporting.

  • Perform necessary data analysis to provide a variety of security reports supporting the ISSM initiatives.

  • Assess the effectiveness of access controls through a bi-annual review of IT profiles.

  • Document and verify all password management/maintenance activities for the GSS including the disaster recovery site.

  • Support the organization through the IT security incident process.

  • Ensure all security related configurations, and patches are under configuration management control.

 

Qualifications

  • 6+ years of experience executing security tasks in a direct, hands-on environment comprised of Unix and Microsoft Windows.

  • 5+ years of experience working with security tools in the following categories; network security monitoring, audit log monitoring, collection, and analysis, security information event management, vulnerability scanner, system integrity monitoring, and operating system baselines.

  • Working knowledge of the Federal Information Systems Management Act (FISMA) and with FISMA and OMB guidelines for Certification and Accreditation of information systems, as well as those for FISMA and OMB reporting; including NIST publications and guidelines, including SP 800-37, 800-30, 800-34, 800-53, 800-53A, 800-60, and FIPS 199 and OMB regulations, including OMB A-130 and FISMA

  • Ability to effectively communicate in both written and oral form with senior engineering and management staff.

  • Experience with Microsoft Windows and Unix/Linux operating systems.

  • Experience with hardening and assessing network perimeter controls, including firewalls, incident response capabilities, telecommunications devices, and VPN required.

  • Experience with hardening and assessing database security configurations, including Oracle and SQL.

Preferences

  • CISSP, GIAC, MCSE, CCNA, CCNP, or CCSE or equivalent certifications.

  • Strong research and analytical skills with an ability to quickly learn new concepts and operationally apply them.

  • Experience with hardening/assessing UNIX security configurations.

  • Experience performing analysis/reporting with log management/aggregation tools (e.g., Splunk) or SIEM.

  • Experience performing security vulnerability testing (e.g., Nessus) and web application security testing (e.g., WebInspect).

 

 

 

Or  resume to Jobs@FlexSR.com

Attn SOC Engr 

www.CyberSecSource.com