We are seeking a Cybersecurity Engineer for a position in Washington, DC. All applicants must have an active Top Secret clearance.
The Cybersecurity Engineer will provide IT Systems Security support to a government customer.
The Cybersecurity Engineer responsibilities include:
- Recommend and implement technological and architectural upgrades/modifications to the agency's Information Systems Security architecture.
- Interface with IT Operations, special programs, and other groups to ensure their projects integrate the necessary cybersecurity controls and technologies.
- Install, configure and maintain Linux servers (CentOS, RHEL, Ubuntu)
- Install, configure and maintain IDS sensors (Snort, SourceFire, Suricata, Bro, NTOP)
- Install, configure, and maintain Host based defenses (McAfee ePO)
- Install, configure, and maintain Security Orchestration Automation Response (SOAR) technologies
- Install, configure, and maintain vulnerability scanning solutions (Tenable)
- Install, configure, and maintain enterprise firewalls
- Install, configure, and maintain SIEM solutions
- Install, configure and maintain other commercial, GOTS, and open-source tools to support the mission
- Develop and implement custom scripts (Python/PowerShell) to solve integration challenges between products
- Provide incident response functions when appropriate and coordinate activities with site Incident Handlers.
- Write standard operating procedures, guidelines, systems documentation and other technical documentation.
- Work closely with the SOC Watch and Cyber Threat Intelligence groups, quickly answering ad-hoc questions to support their missions
- Maintain backups of cybersecurity systems and ensure resiliency
- Any other duties as requested by the SOC management
The Cybersecurity Engineer may also occasionally be asked to perform non-engineering duties, which include the following. Ideal applicants will be experienced in at least one of these areas:
- Incident Response
- Cyber Hunt
- Digital Forensics
- Malware Analysis
- Reverse Engineering
- Penetration testing
- Data Analytics/Machine Learning
Experience supporting many of the following:
- Splunk, ElasticSearch, McAfee ePO, Tenable SecurityCenter/Nessus, Palo Alto, SourceFire, Cylance, all FireEye products, Suricata, Bro, Snort, ntop, CentOS
- Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).
- Multiple industry certifications such as CISSP, GIAC, CEH
- Multiple product certifications such as RHCE, CCNA, Tenable, Splunk
- Possesses experience supporting the Intelligence Community (IC)
- Experience proactively providing system security support in accordance with NIST 800 series
- TS Required; SCI Preferred.
- Ability to obtain a Q/SCI required.
- May begin work after receipt of TS/Q/SCI clearance.
- 7-10 years of experience
- Bachelor’s degree in Computer Science, Information Assurance, Information Security System Engineering, or related discipline from an accredited college or university