Information Systems Security Engineer (ISSE)

Employer
Nava
Location
Washington, DC
Posted
Apr 19, 2021
Closes
Apr 22, 2021
Ref
1915581241
Hours
Full Time
Information Systems Security Engineer (ISSE) Washington, DC / Engineering and Software Development - Information System Security Engineer (ISSE) / AnaVation is seeking an Information Systems Security Engineer (ISSE) to support our mission critical customer in Washington, DC Position Responsibilities Include: Excellent oral and written communication skills, the ability to accurately manage complex workstreams, comprehend the application of the RMF, and understand the application of security controls across the interface, application, operating system, network, and database layers of modern information systems. Understand the applicable artifacts used as evidence to assess compliance. Experience with multiple tools providing security functions such as vulnerability management (eg Nessus, Retina), configuration management (eg Bigfix, SCCM, EPO), endpoint protection (eg antivirus, ATP), data loss prevention, and intrusion detection software and hardware. Experience utilizing virtual machines to connect to and repair server-based applications as well as configure and distribute client agents. Ability to fully administer the applications assignee. Experience with the utilization of multiple tools providing security functions such as vulnerability management (eg Nessus, Retina), configuration management (eg Bigfix, SCCM, EPO), endpoint detection (eg antivirus, ATP), data loss prevention, and intrusion detection software and hardware. Familiarity with the various use cases and alignment of data from each tool to various security disciplines in configuration management, vulnerability management, risk management and incident management. Familiarity with the use of data analysis tools, including the use of Microsoft Excel or PowerBI to combine data from multiple sources. Familiarity with encryption technologies used in commercial operating systems, including Public Key Infrastructures, symmetric and asymmetric cryptography, certificate trust stores and the use of key escrow for discovery and legal purposes. Familiarity with the use of Transport Layer Security (TLS) to secure network communications, code signing certificates and Certificate Authorities (CA) for the administration of encryption trust certificates. Excellent written communication skills and the ability to review and comment on design documents while providing subject matter expert review. Familiarity with multi-tiered network applications, common ports and protocols used in those communications, the Common Vulnerability System (CVS) and the exploitation mechanisms of common vulnerability types (eg buffer overflows, cross-site-scripting, SQL injection). Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform proper analysis of detections. Ability to use common tools such as Wireshark to examine network traffic. Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Procedure Calls (RPC), Hypertext Transfer Protocol (HTTP) and Structured Query Language (SQL). Ability to perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system. Familiarity with multi-tiered network applications, common ports and protocols used in those communications, the Common Vulnerability System (CVS) and the exploitation mechanisms of common vulnerability types (eg buffer overflows, cross-site-scripting, SQL injection). Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform proper analysis of detections. Ability to use common tools such as Wireshark to examine network traffic. Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Procedure Calls (RPC), Hypertext Transfer Protocol (HTTP) and Structured Query Language (SQL). Ability to perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system. Required Qualifications: Over 4 years engineering and deploying IT systems

Similar jobs