Security Engineer

Employer
eGlobalTechInc
Location
Arlington, VA
Posted
Apr 20, 2017
Closes
Apr 21, 2017
Industry
Engineering, Security
Hours
Full Time
About the Role:

As a Security Engineer you will architect and implement optimal (enterprise coverage, minimal device footprint, minimal network impact) deployments and respective configuration of hardware and software for enterprise security solutions covering a wide range of security topics, including, but not limited to: Vulnerability Management, Configuration Management, Network Access Controls, Malware Defenses, Application Software Security, Security Code Review, Software Asset Management, Hardware Asset Management, Vulnerability Remediation, Security Event and Log Management, Incident Response, Penetration Testing, Wireless Access Control, Least Privilege, Network Monitoring, Boundary Defense, Security Assessment, Account Monitoring and Control, Data Protection, Insider Threat, Continuous Monitoring, and/or others as requested by the Government. Automate and streamline repetitive IT security processes, and the handling of vast amounts of security data, at the discretion of the Federal task lead, using programming and the Security Event Management framework to consolidate security information and reporting.

As a Security Engineer supporting Agile Development and DevOps, this task is primarily intended to support the security activities and integrate security into the Agile development environment, and assist in architecting security solutions and recommending security best practices associated with the development of new enterprise applications in an Agile/DevOps environment.

Responsibilities:

* Create actionable intelligence through triggers, filters, and signatures that pinpoint threats contained within the Security Event Management system for the Security Operations Center to investigate from new and existing continuous monitoring security products, such as, but not limited to: Tenable SecurityCenter, McAfee EPO, DbProtect, Splunk, ArcSight, CISCO ISE, IDS, IOS and Microsoft SCCM, WSUS, Xceedium, NetWitness, HP WebInspect and Fortify, etc.
* Perform hardening and rule creation for new firewalls, switches, routers and other network equipment. Review and re-evaluate existing networking equipment to reasonably ensure that there are no rules that expose Federal Government Agency security posture to unnecessary risk.
* Attend all meetings, design reviews, engineering conference calls, system readiness reviews, and participate in Integrated Planning Teams (IPTs) and/or Scrum Sprints/Increments to monitor security requirement execution throughout the Federal Government Agency Systems Lifecycle process and deliver minutes, and any ad-hoc project reporting requested by the Government.
* Implement, support, and write filters, plugins, access control lists, and monitoring rules for new and existing continuous monitoring security products.
* Write system lifecycle documentation for security products or security-relevant system components. This includes, but is not limited to: Project architecture diagrams, project plans and timelines, Concepts of Operations, Standard Operating Procedures, use cases, user stories, change management documents, system lifecycle documentation, technical implementation strategies, and product specific configurations that align with Federal Government Agency policy and procedure, DHS policy and procedure, DHS continuous monitoring requirements and annual metrics, and NIST Special Publication 800 Guidance.
* Evaluate best-of-breed products and standards, consistent with Federal security guidance.
* Perform product/standards comparisons based upon research, independent lab test result reports, intelligence agency recommendations, and other resources authoritative, mandatory, or compelling to a US Federal agency.
* Identify and evaluate information security threat models and methodologies. Manage the implementation and maintenance of the selected methodologies by applying the threat model to support ongoing, proactive protection of the Federal Government Agency enterprise environment, and to facilitate an efficient response to security incidents. Develop standards, templates and automated mechanisms to support threat modeling and analysis of individual Federal Government Agency information systems and information. Provide recurring inputs, triggers and reporting into the Security Information Event Management tool and Ongoing Authorization processes.
* Schedule and attend conference calls, meetings, demonstrations, conferences, trade shows, and other events with third-party equipment, software, and service vendors for the purposes of market research. Provide expert opinion to Federal manager, but will not make product/standards selections on behalf of the Government. Product/standards selection will only be performed by the Government.
* Support the design and deployment of information security solutions at all layers of the OSI model, physical layer to application layer, to facilitate a comprehensive defense-in-depth strategy and intrusion defense chain methodology.
* Be responsible for the technical configuration and installation of products into a pilot/evaluation location established via the Change Request (CR) process.
* Generate procedures necessary to operate and maintain products under pilot/evaluation.
* Generate Systems Lifecycle Process documentation necessary to obtain engineering approval for products under pilot/evaluation.
* Generate the Enterprise Architecture (EA) documentation necessary to obtain Technical Reference Model (TRM) approval for products under pilot/evaluation.
* Schedule and attend all meetings and file all Federal Government Agency forms, tickets, and change requests necessary to facilitate successful deployment of security products/projects.
* Generate and present formal reports and presentations that explain and defend the recommended product selections in meetings designated by the Government POC requesting the evaluation.

Required Qualifications:

* 5+ years of experience in IT security, and 3 years of specialized experience.
* Bachelor's Degree, or Associate's degree with an additional 2 years' experience.
* One of the following: Certified Splunk Knowledge Master, SANS Global Information Assurance Certification (GIAC) Security Expert (GSE), Certified ScrumMaster, Amazon AWS Certified Solutions Architect or other comparable certification.
* **U.S. citizenship required, active Secret clearance preferred.**
* Detailed technical knowledge of database and operating system security.
* Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
* Experience with NIST SP800 guidance, DHS policy, Federal Government Agency's policy, and industry best practice (i.e. OWASP).
* Proven experience with Tenable SecurityCenter, McAfee EPO, DbProtect, Splunk, ArcSight, CISCO ISE, IDS, IOS and Microsoft SCCM, WSUS, Xceedium, NetWitness, HP WebInspect and Fortify, etc.
* Proven experience hardening and creation of rules for firewalls, switches, routers and other network equipment.
* Proven experience writing filters, plugins, access control lists, and monitoring rules for new and existing continuous monitoring security products.
* Thorough understanding of the latest security principles, techniques, and protocols.
* Proven experience writing system lifecycle documentation for security products or security-relevant system components. This includes, but is not limited to: Project architecture diagrams, project plans and timelines, Concepts of Operations, Standard Operating Procedures, use cases, user stories, change management documents, system lifecycle documentation, technical implementation strategies, and product specific configurations that align with Federal Government Agency policy and procedure, continuous monitoring requirements and annual metrics, and NIST Special Publication 800 Guidance.
* Proven experience performing hands-on technical security risk assessments.
* Problem solving skills and ability to work under pressure.
* Strong communication skills, verbal and written.
* Occasional travel.

Desired Qualifications:

* Desired Certifications: Certified Splunk Knowledge Master, SANS Global Information Assurance Certification (GIAC) Security Expert (GSE), Certified ScrumMaster, Amazon AWS Certified Solutions Architect or other comparable certification.

About Us:

Founded in 2004, eGlobalTech (eGT) is a leading management and IT consulting firm in the Washington, DC metropolitan area. Our focus is to provide the public sector with innovative solutions, leveraging cutting-edge tools and methodologies to meet the Government's most pressing business needs. To achieve this objective, our core practice areas - strategy, IT solutions development, cyber security, and cloud computing - are integrated to provide clients with comprehensive end-to-end results. This integration enables our highly motivated teams to thrive in a culture that encourages out-of-the-box thinking, collaboration and an environment where you can excel. For more information, please visit our website at www.eglobaltech.com.

**Equal Employment Opportunity:** eGlobalTech is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, gender, age, status as a protected veteran, sexual orientation, gender identity, or status as a qualified individual with a disability. EEO is the Law.

*Job Location:* US-VA-Arlington
*Type:* Regular Full-Time
*Status:* Current