Sr. Security Engineer

Arlington, VA
Dec 07, 2018
Dec 10, 2018
Engineering, Security
Full Time
Sr. Security Engineer - active TS/SCI required Sr. Security Engineer HuntSource is partnered with a leading cybersecurity solutions organization supporting national security programs and delivering cybersecurity solutions to defend the individual and business. Our client offers a driven and innovative environment, and continuous growth opportunities. Sr. Security Engineer Duties/Responsibilities: The scope of the position includes security engineering, testing, analysis, documentation, and design assurance of complex, carrier grade networks designed to provide boundary defense from sophisticated threat actors. You must have a strong understanding of modern network technologies, protocols (eg TCP, SMTP, DNS, SSH, etc.), and security practices. The Sr. Security Engineer must well versed in reviewing, analyzing, and commenting on secure network design, federal security and operational requirements (eg NIST SP 800-53r4, CNNSI 1253, etc.). Candidates must be able to adopt a threat actor's perspective when performing design assurance to ensure these systems are not only compliant but offer effective security measures against advanced threats. You will be required to develop clear, thoughtful, and actionable recommendations to improve the security of these systems and must be able to communicate these recommendations effectively through verbal and written means. Sr. Security Engineer Requirements: Assist client technical staff in implementing or optimizing new cybersecurity capabilities such as vulnerability management systems, firewalls, intrusion detection systems, or log management infrastructure. Evaluate and compare commercial products to meet specific client needs. Perform cost/benefit analysis and provide clear recommendations based on the specific client environment. Review and critique network and network security solutions, applying your knowledge and experience to evaluate compliance with operational and mission requirements, such as scalability, maintainability, security, reliability, flexibility, availability, and manageability. Act as network security subject matter expert working on behalf of the customer to review system designs submitted for approval by the government. Participate and lead Technical Exchange Meetings with the government Program Management Office (PMO) and commercial service providers to discuss system designs and provide recommendations. Review, evaluate, and recommend action for change requests and plans of action and milestones (POA&Ms). Utilize knowledge of NIST 800-53 Rev 3&4 and CNSSI 1253 controls to evaluate system compliance. Review and evaluate systems security documentation, software code, configuration files, SSPs, SECONOPS for compliance and vulnerabilities. Design, build, and operate virtualized environments used to simulate commercial service provider systems prior to onsite assessment. Work with red team and penetration testers to develop detailed test and assessment plans to be used during onsite security assessment. Leverage systems and networking skills to evaluate and exploit vulnerabilities from insider threat and external threat perspective Participate in the design and implementation of reference models and security architectures for prototyping new countermeasures and capabilities. Sr. Security Engineer Required Qualifications: Bachelor's Degree in Computer Science, Networking, Cybersecurity or related technical field. Five (5) years of experience in the following areas: Enterprise firewall administration including installation, maintenance, and rule management Windows server and workstation hardening through configuration and host-based security software (eg, host-based firewalls, antimalware, application whitelisting). Network architecture and segmentation analysis and knowledge of networking concepts such as VLANs, routing, and encrypted tunnels. Administration of centralized logging tools and/or Security Information and Event Management Systems (SIEMs). Sr. Security Engineer Preferred Qualifications: Familiarity with federal information security standards (eg, NIST SP 800-53r4, FedRAMP, CNNSI 1253) and practical experience implementing solutions that comply with these standards Code Analysis Advanced network protocol manipulation Coding in any modern language (eg, Ruby, Perl, Python, Go, C#) Ability to communicate technical topics in clearly and in in a way understandable to a non-technical audience Linux and common command line tools Windows server administration and associated management tools Experience with Splunk and Palo Alto products Experience with email gateways such as Ironport or Proofpoint Experience with web gateways such as Forcepoint (Websense) or Bluecoat Experience with Web Application Firewalls (WAF) such as F5 ASM or Imperva

Similar jobs