Cyber Security Engineer/Analyst

Employer
AboutWeb
Location
Rosslyn, VA
Posted
Dec 15, 2016
Closes
Jun 03, 2017
Function
Analyst, Engineer
Industry
Engineering, Security
Hours
Full Time

About Web is currently seeking qualified candidates for a Cybersecurity Engineer/Analyst in Rosslyn, VA.

Position Overview:

This position will perform vulnerability analysis in order to develop a risk picture of the enterprise and provide tailored remediation strategies to stakeholders. Vulnerability analysis includes high profile, high impact vulnerabilities, response to zero day threats and routine periodic reports. This position serves as the liaison to various IT operational teams to plan, coordinate and track mitigation and remediation activities.

Position Title

Cyber Security Engineer (Senior-Level Engineer/Analyst)

Location

Arlington, VA (Rosslyn)

Security Clearance

Secret Required

Years of experience

5 - 7

Education

Bachelor's degree in Information Security or related field is preferred, but may be substituted with equivalent work experience.

Certifications

One or more of the following desired:

CEH, CISSP, Security+

Duties

Position Responsibilities:

  • Roles include risk assessment, detailed technical recommendations and coordination of remediation and mitigation strategies.
  • Develop and perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, compliance and vulnerability analysis of the overall enterprise security posture. Communicate recommendations to the responsible parties, track remediation and verify security patches and required configurations.
  • Analyze available security information including results of configuration compliance verification, vulnerability scans, database assessments, security and system patch information, field reports, OIG reports, and intelligence information to assess the status of remote organizations and their cyber security posture.
  • Support incident response, threat analysis, forensics and penetration testing teams by performing on-demand and targeted identification, compliance and vulnerability scans.
  • Leverage various data sources (CDM, Splunk, RSA Archer, penetration tests) to identify systemic and/or critical misconfigurations, vulnerabilities, and unresolved threats to networks.
  • Conduct Computer Network Defense drills in order to evaluate and improve processes related to threat detection, incident response, patching/remediation and user training.
  • Perform liaison activities with other bureaus and offices within the department.
  • Assist in the selection, implementation, support, and/or development of enterprise security tools where required.
  • Interface with vendor support teams to keep abreast of developments in product lines.
  • Develop internal SOPs and job aids. Participate in strategic development, implementation and execution of Tactics, Techniques, and Procedures (TTP).

Daily Responsibilities:

  • Work closely with other groups and build working relationships to effectively complete our mission while respecting stakeholder needs and requirements.
  • Interact with IT operational teams to advise on, coordinate and track mitigation and remediation activities.
  • Formulation and creation of information security metrics for the purpose of analysis and greater enterprise security posture awareness.
  • Prepare reports and briefings for senior leadership related to routine and high profile vulnerability analysis.
  • Perform and post results of routine and on demand vulnerability assessments.
  • Consultation and support to other parties within the Monitoring and Incident Response Division concerning Computer Network Defense (CND).

Qualifications

Required: Basic Requirements

This position supports the Monitoring and Incident Response Division in providing Continuous Diagnostics and Monitoring (CDM) with regard to network defense. The successful candidate will have a proactive CND mindset in order to develop comprehensive remediation strategies and strong customer service skills in order to provide technical guidance to other teams. Additionally, strong verbal and written communication skills are required with the ability to relay complex technical issues to leadership. Basic qualifications include but are not limited to:

  • Five to seven years of experience in information security, information technology, or related field.
  • Previous Blue Team experience required; previous Red Team experience preferred.
  • Experience developing Blue Team goals, processes and assessment methodology for effective cyber security assessments.
  • Proven experience developing and leading remediation/mitigation activities, and providing status updates and reports. Emphasis on remediation plans and strategies.
  • Ability to perform risk analysis by correlating known vulnerabilities and threats and assigning priorities to issues.
  • Ability to provide technical leadership and guidance to team members by utilizing cyber security policies, concepts and emerging practices to coordinate assessments.
  • Experience with enterprise vulnerability and compliance scanning systems.
  • Experience with Splunk or other enterprise level data analytics tools.
  • Experience with Windows Desktop, Windows Server and Linux operating systems and system administration - specifically with regard to patching and compliance.
  • Experience with networking hardware (routers, switches, firewalls) and configuration - specifically with regard to patching and compliance.
  • Understanding of networking concepts such as DMZs, subnets, VLANs, private IP addressing and NAT.
  • Ability to perform manual and automated analysis of systems and networks in an effort to identify, assess, and mitigate vulnerabilities to strengthen security posture.
  • Ability to perform risk analysis of vulnerabilities and threats and provide risk management recommendations.
  • Basic understanding of the SCAP framework, with a preferred but not required capacity for alteration and editing.
  • Familiarity with NIST Special Publication 800-53 and CVE (Common Vulnerabilities and Exposures) standards.
  • Effective written and verbal communication skills - ability to prepare and present security assessment results to senior management.
  • Flexibility to adjust to new requirements and objectives as they develop.
  • Strong customer service skills to follow-up with clients in order to maintain project schedule.
  • Technical knowledge of information technology and cyber security standards and issues.
  • Problem solving and resolution with attention to detail.
  • Strong capacity to share knowledge with other teams.