The security Engineer plays a pivotal role in keeping our organization’s systems and information secure. He/she works closely with internal IT departments and Architects to assist in design of proper security controls as well as set up and deployment of solutions. This will include on-premise and cloud-based systems and services. Key activities will be to support Discovery Information security technologies and controls keeping them functioning and current.
Sr Engineer must have effective written and communication skills paired with a technical background. He/she be comfortable generating clear and concise Design Document for infosec and IT management. Building relationships with support staff. It is preferable that the candidate would understand networking, TCP/IP, VPN access, and Active Directory access rights and help policies, along with moderate scripting experience.
1. Support all aspects of Information Security Operations initiatives
2. Respond to, manage and contain security incidents
3. Monitor and analyze Intrusion Prevention Systems (IPS), Anomaly Detection Systems (ADS), Splunk (SIEM) to identify and investigate potential security events and issues for remediation.
4. Perform forensics on compromised systems.
5. Provide SME support to GIS management and DCI business
6. Detect, manage and contain security incidents.
7. Perform forensics on compromised systems.
8. Provide SME support to GIS management and DC business
9. Assist GIS management with project plans and deployment of security technologies
10. Contribute to the identification and definition of system security requirements and advise on the design of security monitoring infrastructure.
11. Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
12. Configure and troubleshoot security infrastructure devices and ensure the proper operation of security processing routines.
13. Perform vulnerability assessments and application security evaluations utilizing recognized security assessment tools.
14. Help establish and maintain processes to monitor network traffic for anomalous activity.
15. Develop security test plans based on system architecture, dataflow and hardware and software profile information.
16. Apply INFOSEC best practice and principles to network protocols, architectures, equipment, services, standards and technology.
17. Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures.
18. Assist with the engagement and coordination of third-party security assessments.
19. Maintain job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; and participating in professional organizations.
20. May perform other duties as assigned.
* 3+ years of IT security engineering work experience including 2+ years of cloud security environment))
* 1-2 years of security architecture experience (Preferred: 1-2 years of working on cloud security - AWS )
* Bachelor’s degree required, or 2 years equivalent experience without degree, or an associates and 1 year experience
* Understanding of firewalls, proxies, SIEM, antivirus, EDR, and IDPS concepts.
* Understanding of, and able to reference NIST framework, CSC framework, CSF framework, ITIL, COBIT, and ISO 2700x
* Experience with Unix/Linux and Windows operating systems in an Active Directory environment
* Experience with endpoint security and SIEM technologies, e.g., Carbon Black, QRadar
* Excellent written and oral communications skills.
* GSEC, GCIH, SSCP, CCSP, CISSP-ISSEP, CEH, GCIA, GISF, Security Plus, Network Plus preferred but 5+ years of experience and demonstrated knowledge accepted
* Must have the legal right to work in the United States
Sterling, Virginia, VA