Network Security Engineer
KBM Group, Inc., has an immediate opportunity for a Network Security Engineer to provide services within the Maryland Department of Transportation (MDOT) Network Managed Services (NMSIII) contract. We are seeking an innovative team player with an eye towards Enterprise Network Security operations.
Duties and Responsibilities:
The successful candidate will work with senior security engineers in deploying, configuring, maintaining, and troubleshooting various security technologies on a large enterprise network. Technologies include, but are not limited to, firewalls, intrusion prevention systems (IPS), vulnerability scanners, web filters, two-factor authentication systems, wireless controllers, network access control (NAC), and security information and event management (SIEM) solutions. Responsibilities also include analyzing logs, alerts, and reports generated by several security technologies, including IPS, SIEM, and vulnerability scanners. In addition to performing technical tasks, the candidate will be expected work on IT security tasks such as preparing technical updates, researching new security technologies, and attending meetings.
Specific Duties Include, but are not limited to:
- Installation and configuration of firewalls, VPN, IDS/IPS
- Review reports, files, logs, and messages produced by engineers, system administrators, and systems identifying instances of potential information security infractions
- Respond to trouble ticket calls and requests for service
- Provide onsite technical support as necessary
- Work with NMSIII Senior engineers on the deployment, administration, and troubleshooting of numerous security technologies
- Assist in Incident Response activities
- Provide after hours on-call support on a rotation basis
Minimum 3 years of experience working with the following technologies: Firewalls and Proxy Servers, Intrusion Detection Systems, Vulnerability Scanning, Remote Access and VPN, ISMS/GRC tools.
- Ability to investigate and resolve security related incidents or requests in a timely manner
- Familiarity with performing Cybersecurity risk assessments
- General network troubleshooting skills, including packet capture analysis
- Able to manage and work through assigned projects under a standard framework (e.g. develop project plans, schedules, test documentation, etc.)
- Capable of working with minimum supervision
- Ability to communicate using a variety of workgroup tools including Visio, Project, and PowerPoint
- Excellent communication skills (written and verbal) required
- One or more of the following industry-recognized certifications: Security+, CEH, GIAC Security Essentials, OSCE, CISSP, etc.
Required Education & Experience:
Bachelor's degree (B.S.) or higher from an accredited college in engineering, computer science, information systems, or mathematics and/or 4 years related experience and/or training; or equivalent combination of education and experience including one or more IT certifications in security and/or firewalls.
--U.S. Citizenship Required--
Desired qualifications include the following:
- Cisco ASA and Palo Alto firewalls (including administration of site-to-site and remote access VPN)
- Bluecoat web filters
- A strong familiarity with Cisco networking devices
- Entrust IdentityGuard
- McAfee Network Security Platform
- Aruba wireless networks
- Tripwire and Nessus vulnerability scanners
- Wireshark skills
- Strong Linux and Unix skills
- Strong Microsoft skills
KBM Group, Inc. is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.