Information Security Engineer
Job Description

The candidate will be responsible for managing firewall and IDS/IPS systems, evaluating firewall policies for currency and risks, supporting external/internal vulnerability scans, evaluating vulnerabilities and supporting risk assessments.

Responsibilities include, but are not limited to:

- Administering Next Generation firewall, firewall VPN and IDS/IPS policies
- Recommending firewall and VPN policy standards, specific policies, and IPS blocking policies
- Generating firewall policy/ruleset reports, identifying outdated policies/rules and making risk recommendations
- Participating in Change Control Board reviews of proposed firewall policy changes to determine potential risks and make risk and risk mitigation recommendations to meet business requirements
- Reviewing firewall/IDS logs and firewall/IDS log monitoring reports from the Security Operations Center (SOC) for malicious activity or incidents
- Reviewing network vulnerability scan reports for risks, making remediation recommendations and taking actions to configure network security systems to address threats and risks
- Working with the IT Group network engineers to evaluate network architecture risks, firewall, VPN and Network IDS/IPS architecture practices, and network vulnerabilities; determine and validate ACL requirements, and collaboratively improve network security configuration
- Supporting security incident identification, response and resolution, including after-hours, weekend and holiday response such as urgent firewall rule changes, IPS signature blocking and zero-day IDS signature updates
- Providing network security design recommendations
- Assisting with risk assessment, vulnerability assessments, and continuous monitoring

Skills & Experience:

- Experience installing and administering firewall and IDS/IPS systems in enterprise networks, including in Cloud environments
- Demonstrated knowledge of network and web related protocols (e.g., TCP/IP, HTTP, BGP, TLS, IPSec, SSL, SSH, etc.)
- Understanding of network authentication and authorization protocols (TACACS, RADIUS)
- Experience with other protocols and security implementations
- Experience with interpretation and application of information security policy and standards
- Relevant security certifications such as CISSP, CompTIA Security+, CEH, GIAC certs, etc.

Highly desired knowledge and experience regarding:

- Experience with Palo Alto, Cisco ASA, and SOC Firewalls/IPS/IDS and Sourcefire IDS/IPS
- Experience with web content filtering
- Experience working in one or more of the public cloud providers (AWS, Azure, Google) with security features such as VPC, DLPs
- Working knowledge of mixed environment (Windows and Mac) systems
- Systems administration, monitoring, and patching experience
- Ability to write technical documentation and communicate effectively
- Prior Federal contracting experience or government experience
- Knowledge of NASA and/or DoD Information Technology, Network, and IT Security Processes
- Knowledge/Experience with NIST Risk Management Framework
- Knowledge/Experience with ISO 27001:2013, NIST SP 800-53 and NIST SP 800-171
- Experience with network vulnerability scanners (e.g., Nessus)

Educational Requirements:

Bachelor's degree from an accredited college or university with a curriculum or major field of study relevant to the duties of the position, including information network management, information security, cybersecurity, computer science, information systems, or engineering, and at least 3 years of experience with the required skills. (Note: 5 years of relevant experience, including military training, may be considered as a substitution for education.)

Clearance Requirements

Must be eligible for SECRET level clearance; Active Secret preferred.

Company Description

SGT provides award-winning, high-value engineering, mission operations, scientific, and IT service solutions to a wide array of federal government agencies nationwide.