Role is 80% - 20% Split: Security Engineer and Security Analyst
Self-Starter – ability to become competent with new security-related tools and processes.
Demonstrated hands-on experience with multiple tools providing security functions such as vulnerability management (e.g., Nessus, Retina), configuration management (e.g., Tenable Security Center, IBM BigFix, SCCM, McAfee ePO), endpoint protection (e.g., antivirus, ATP), data loss prevention, and intrusion detection software and hardware.
Ability to conduct Deep Dive analysis to determine root cause assessment of various network scanning agents’ scanning or communication failures.
Document and present root cause analysis to upper management.
As an information systems security engineer (ISSE), you will safeguard networks against unauthorized modification, destruction, or disclosure.
Conducts risk analysis on products reviewing CVEs, Tenable plugins, CWEs etc.
Facilitates Technical Insertion for new products,
Researches, evaluates, designs, tests, recommends, communicates, and implements new security software or devices.
Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Transfer Protocol.
Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Procedure Calls (RPC), Hypertext Transfer Protocol (HTTP) and Structured Query Language (SQL).
Ability to perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system.
Demonstrated experience utilizing virtual machines to connect to and repair server-based applications as well as configure and distribute client agents.
Implements, enforces, communicates, and may develop internet, network, or other information security policies or security plans for data, internet, software applications, hardware, telecommunications, and computer installations.
Manage all aspects of an organization's information security system, including researching, testing, training and implementing programs designed to safeguard sensitive information from any possible breaches.
Conducts risk analyses from vulnerability, compliance scans, pen testing results, or other audit activity; writes including but not limited to Plan of Action and Milestones, System Security Plans, Security Control Traceability Matrices, Configuration Management Plans, Contingency Plans and Test Results, Business Impact Analyses, and Security Impact Analyses.
In support of the Information systems security officer (ISSO), your job will include managing all aspects of an organization's information security system, including researching, testing, training and implementing programs designed to safeguard sensitive information from any possible breaches.
Continuous monitoring of system where they are responsible for monitoring and tracking system vulnerabilities and compliance issues
Generates Plans of Action & Milestones (POA&M) to track the mitigation of vulnerabilities and compliance issues.
Excellent oral and written communication skills and the ability to deliver in-person or virtual training that results in excellent assessment via trainee feedback, and ability to review and comment on design documents while providing subject matter expert review.
Bachelor’s Degree with 6 years related experience OR 10 total years of experience in Information Assurance and IT Security
Hands-on experience administration and implementation of various security tools (Tenable, McAfee ePO, BigFix and CSAM)
Cloud security highly desired
Cyber program experience within federal customer space a plus!
Certifications such as CISSP, CEH, CISA, CAP highly desired