The Security Engineer is a member of the Security Operations Center (SOC) within the Information Security Department and performs technical activities for delivering effective host, network, data, and application security services. This position will have primary responsibility for security platforms in the production environment, as well as the development, quality-assurance and staging environments.
The Security Engineer’s responsibilities include security system deployments, configuration, monitoring and reporting. This position will have a lead role in performing vulnerability assessments, security testing, and working with operations and development teams on remediation and mitigation of findings. This position will have a primary role on the Computer Security Incident Response Team (CSIRT) and with Disaster Recovery/Continuity of Operations Planning (DR/COOP). The Security Engineer provides support to planning, designing and implementing security controls which safeguard and monitor events for information systems, enterprise applications and data.
· Analyze, troubleshoot, and investigate security-related information systems anomalies based on security platform reporting, network traffic, log files, host-based alerts and automated security alerts.
· Maintain, configure, and analyze network and host-based security platforms:
o Vulnerability scanning systems and tools
o Network-based Intrusion Detection/Prevention Systems (IDS/IPS)
o Host-based Intrusion Detection/Prevention Systems (HIDS/HIPS)
o File integrity verification and monitoring software
o Security Information & Event Management (SIEM) platform
o Application (Layer 7) Firewall
o Network Access Control (NAC)
o Data Loss Prevention (DLP)
o Log Indexing and Correlation platform
o Anti-virus and anti-spyware console
o Firewall and network access control lists
o Web and E-mail proxy and filtering systems
o Physical access control systems
· Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations.
· Provide recurring reports for network and host-based security solutions.
· Provide CSIRT support as needed in response to information security related events.
· Participate in DR/COOP exercises and continuous improvement processes.
· Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.
· Assist in the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
· Establish and maintain a strong working relationship with all team members.
· Provide off-hours support on an infrequent, but as-needed basis.
· Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team and information-sharing environment.
These essential functions are representative of those that must be met by an employee to successfully perform the job. Reasonable accommodations may be made to enable individuals with disabilities to perform these essential functions.
Position may be required to perform other duties as required.
- Bachelor’s degree in Computer Science, Information Technology or related field or a combination of education and experience.
- A minimum of 4-7 years of IT experience, at least three of those years focused on IT security.
- Must possess or obtain within 12 months from date of hire, an industry recognized information security certification, such as a CISSP (or Associate), SSCP, CEH, or equivalent.
- Hands-on experience with 5 of the following: vulnerability scanning, firewall, antivirus & malware analysis, proxy, IDS/IPS, log correlation tools, SIEM, DLP, NAC, and application firewall solutions.
- Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings.
- Good technical writing, documentation, and communication skills are required.
- Must live within a commutable distance of Herndon, VA.
OTHER REQUIRED SKILLS:
- Comfortable working on both Linux-based and MS Windows-based system platforms with a strong IT technical understanding and aptitude for analytical problem-solving.
- Strong understanding of enterprise, network, system and application level security issues.
- Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks.
- Understanding of system hardening processes, tools, guidelines and benchmarks.
- Fundamental or greater understanding of encryption technologies.