Senior Cyber Security Engineer
Previous Job
Previous
Senior Cyber Security Engineer
Ref No.: 18-03238
Location: Darnestown, Maryland
Work Authorization:USC/Green Card
Segment:Commercial
JPAS:NO
Senior Cyber Security Engineer
RESPONSIBILITIES & DUTIES
  • Provide an understanding and application of security governance and best practices
  • Demonstrate a strong understanding of an enterprise technical environment and system engineering/administration actions
  • Provide Vulnerability Management oversight
  • Support secure system development lifecycles
  • Maintain and promote secure tools and infrastructure
  • Perform Event Detection and Incident Response
  • Plan, understand and communicate risk, as well as methods to reduce this risk
  • Develop an understanding of how change to various environments can result in changes to risk posture
  • Provide technical leadership to infrastructure teams to effectively translate security policy and best practices into action within the desktop support, infrastructure engineering and operations teams, and user communities

QUALIFICATIONS & SKILLS

Required:
  • Bachelors and\or work experience equivalent
  • 4+ years progressively technical hands-on experience and/or training in desktop, server, network, and system development, engineering, and administration (or equivalent combination of education and experience)
  • 4+ years security experience

Desired:
  • Strong experience with a variety of areas related to security to include the following:
  • Security Governance and best practices -
  • Familiarity with FISMA and NIST SP 800 Series documents, and how they relate to secure technologies, operational and management practices
Strong understanding of an enterprise technical environment and system administration actions -
  • Experience with large and complex Linux, Windows, and/or Mac desktop and server operating systems environments
  • Experience with operating in a MS Active Directory environment
  • Experience with applications and tools within a highly diverse enterprise environment
  • Experience with virtual and physically managed infrastructures
  • Experience working within a diverse and heterogeneous network environment
Vulnerability Management -
  • Experience identifying, coordinating and communicating, and resolving system vulnerabilities leveraging a vulnerability management tool such as Tenable Nessus, Retina, or other similar scanning systems
  • Ability to work with various technology teams to remediate and validate corrective actions.
System Development -
  • Understanding of securing internet tools and protections associated with DMZ on a public facing network
Secure Infrastructure -
  • Understanding of developing secure baseline configurations across various platforms, operating systems, and tools.
Event Detection and Incident Response -
  • Understanding of tools and techniques used to identify abnormal behavior, including Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM) systems, and other relevant tools.
  • SIEM (IBM QRadar): Tune and filter logs, create exceptions, configure to receive logs from other systems, create reports.
  • IDS/IPS(Cisco FirePower): Configure, deploy , monitor and tune IDS/IPS signatures, security/threat intelligence feeds
  • Network Access Control (NAC) (ForeScout): Configure, deploy and administer NAC system. Refine device classification and clarification. KEY
  • Firewalls (CheckPoint, Cisco ASA): Configure and upgrade firewalls, add/delete rules, analyze logs, implement management server redundancy, optimize and audit rule base.
  • VPN(Cisco ASA): Configure and maintain, add rules, add routers, maintain SSL certificates
  • Vulnerability Management (Tenable Security Center and Scanners): Install and configure entire system, upgrade, expand scanning segments as needed, create and maintain reports. Create and schedule asset, vulnerability and configuration scans for the enterprise.
  • Anti-Virus (McAfee VirusScan Enterprise with ePolicy Orchestrator): Administer system, upgrade system, create file/directory scanning exclusions.

One or more of the following certifications is preferred
  • CISSP certification is strongly preferred, or ability to obtain within 6 months
  • CEH certification
  • SANS Security Related Certifications (e.g. GSEC, GCIH)
  • Cisco Network Certifications (CCNA, CCNP)
  • Microsoft MCSA/MCSE