Information Security Specialist Engineer II

Employer: AboutWeb
Location: Huntsville, AL
Posted: Dec 15, 2016
Closes: Jun 05, 2017
Industry: Engineering, Security
Hours: Full Time

Locations: Vicksburg, MS / Portland OR / Huntsville, AL

Long-term contract

US citizenship required

Secret clearance required

POSITION SUMMARY:

The Information Security Specialist Engineer (ISSE) II will support the on-going Cyber Security practice for the contract and customer. The ISSE II is responsible for the operations, development, and maintenance of the SIEM log management infrastructure and associated architectures as well as for developing relationships with all key stakeholders, including customers, operations, engineering, and service management office, to ensure that Cyber Security best practices are identified and fully assimilated into the customer environment.

MAJOR JOB ACTIVITIES:

· Develop, modify, build, implement, deploy and test SIEM correlation and vulnerability management rules in alignment with client requirements utilizing change management best practices.

· Develop and maintain internal asset classification and categorization in the SIEM and vulnerability management portal.

· Act as a subject matter expert (SME) to guide internal staff with a primary mission to proactively prevent incidents by utilizing SIEM, Vulnerability Scanning, and complementary technologies as appropriate.

· Perform security incident analysis, recommend remediation steps and orchestrate available resources to respond in accordance with appropriate incident response plans.

· Analyze alerts as well as develop new triggers and reporting on an ongoing basis.

· Participate in interconnecting the SIEM tool with sources of security incidents (e.g. logs from servers, network and security devices, Vulnerability Management system, Antivirus system).

· Configure and manage security tools in compliance with Department of Defense requirements while also ensuring continued compliance for all devices.

· Work with the security operations center team to ensure security devices/tools are configured properly to monitor, track, and analyze networks/systems for potential security violations while also assisting in all potential incidents.

· Provide information security subject matter expertise throughout the tasking and translate security requirements into technical designs/solutions.

· Work in close coordination with the Information Assurance team and SOC to appropriately resolve daily incidents.

· Work with the project team to help ensure customer data, company data, assets, and resources are secure in order to maintain a proactive security posture within the environment.

· Ensure staff are following customer, DoD, Army, and organizational policies and procedures.

· This position requires on-call availability for 24/7 coverage.

· Other duties as assigned.

WORKING ENVIRONMENT:

  • Must comply with OSHA, EPA, Fire and Safety Regulations and published company work policies.

  • The working environment will be an indoor office environment, and work may extend into late hours.

  • This position requires the applicant be able to travel up to 25% of the time.

PHYSICAL ACTIVITIES:

Individual should be able to lift up to 40 lbs. unassisted.

MINIMUM QUALIFICATIONS:

Education/Certifications: One year of related experience may be substituted for one year of education, if a degree is required.

  • Bachelor's degree in Information Security or IT related field

  • At least 7 years' experience in Information Security.

  • At least 3 years of experience in Security Information and Event Management (SIEM) and Splunk tool administration.

  • In-depth knowledge of vulnerability scanning tools, intrusion detection/intrusion prevention systems, and a core understanding of DoD/DISA compliance methodologies/requirements.

  • Moderate experience with at least one of the following tool suites is highly desired: ArcSight, ACAS, Maltego, CyberArk, HBSS, Imperva, Splunk, Encase, Websense, SourceFire, AlgoSec, Forcepoint/Websense, or FireEye.

  • Must be willing to travel; travel is infrequent and often less than two weeks if needed.

Certifications:

  • This position requires DoD 8140 (DoD 8570) standards as an IAT III position with one of the following certifications: GCIH, CISA, CASP, CISSP (or Associate), GCED

Skills:

  • Excellent relationship and team communication skills.

  • Strategic and tactical mindset.

  • Critical thinking and problem solving skills.

  • High tolerance/evolved ability to lead and manage ambiguous situations.

  • Excellent organization skills.

  • Excellent verbal, written, facility and presentation skills.

  • Collaboration and team leadership abilities.

  • Effective time management skills.

Other Qualifications:

  • Ability to establish customer trust and confidence.

  • Ability to travel within company and customer locations as needed on short notice.

  • If the needs of the business dictate, perform tasks outside normally scheduled business hours.

Clearance:

Must be a U.S. citizen; Secret clearance required at start date.