Cyber Data Engineer with Security Clearance

IPSecure Inc

2024-10-05 08:47:25

Job location: San Antonio, Texas, United States

Job type: full-time

Job industry: I.T. & Communications

Job description

CYBER DATA ENGINEER (33 NWS) - JBSA LACKLAND, SAN ANTONIO, TEXAS - TS/SCI CLEARANCE REQUIRED

The Cyber Data Engineer will conduct comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems. The engineer will install, configure, troubleshoot, and maintain hardware and software, and administer system accounts. The engineer is also expected to research and analyze the latest information security vulnerabilities, threats, exploits, trends and intelligence.

Responsibilities

- Write and develop scripts to automate the system installation of required patches and configurations to remediate identified system vulnerabilities.
- Perform coding and development as required to augment default SIEM functionality and facilitate the intercommunications of various security controls.
- Develop basic new cybersecurity capabilities.
- Develop new and maintain existing Splunk, ELK or other search/analytics tool's knowledge objects (saved searches, reports, dashboards, data models, event types, field aliases, field extractions, macros, lookups, tags) to alert on potentially malicious activity or fulfill compliance/policy requirements.
- Ensure critical data feeds and hosts are sending data.
- Develop, debug and maintain scripting languages.
- Create, install and test vulnerability fixes to Windows and Unix/Linux platforms.
- Assist/lead in conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture.
- Perform systems security engineering and test efforts associated with implementing security controls on networking devices, databases, operating systems, hardware, and software components.
- Develop vulnerability reports and investigation impact, resolution and verification of security vulnerabilities and patches, as well as performing deep-dive and impact analysis into failed patch deployments.
- Develop and provide regular reports on patch management program and overall status of patch compliance.
- Perform and provide vulnerability assessment results and recommendations to the ESM Lead and DO as necessary.
- Assess known systems vulnerabilities and verify system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists.
- Document, implement and prioritize patching requirements across the AFIN/AFNet enterprise.

Basic Qualifications

- An active TS/SCI clearance is required to start
- Graduate Degree in Software Engineering
- IAT Level II (ex: Security+ Certification)
- There is no longer a requirement to obtain a GCFA or GCFE within 120 days of hire

Preferred Qualifications

- Proficient with Splunk Processing Language (SPL), ELK Lucene Query Syntax or other search/analytics tool.
- Proficient with programming/scripting fundamentals - including regex, C++, Python, RHEL, Unix Scripting, and Windows PowerShell is required.
- Linux+/Red Hat; RHEL 7.
- More than three (3) years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis, and response.
- Understanding of SIEM "Search" Language & Lucene Query Syntax.
- Understanding of SIEM Dashboard, Reports, Lookup Tables, and Summary Indexes.
- Knowledge of how to customize Dashboards via the XML source.
- Experience with SIEM Apps and ELK.
- Experience with Python Scripting.
- Programming experience in Python, C/C++, Java, or Go.
- Demonstrated expertise with malware analysis, including investigations of botnet and root-kit behavior.
- Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, Cryptography).
- Network Security Devices (IDS/IPS, NGFW, WAF, NGAV).
- OSSEC, Snort, Suricata Experience.
- Experience with at least one SIEM, e.g. AlienVault, LogRhythm, Splunk, QRadar, ELK, and firewalls such as Fortinet, SonicWall, and Palo Alto.
- Scanning technologies, Log collection and analysis tools (SIEM).
- Experience with Scripting/Programming Languages (BASH, Python, Java, etc).
- Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects)

Benefits

Medical, Dental, Vision, Unlimited Vacation, Sick Leave, Paid Federal Holidays, Education and Certification Reimbursement Program, 401(k) retirement plan with safe harbor employer match after 3 months, Prepaid legal plan and ID protection plan available, Accident Insurance, Critical Illness Insurance, and Hospital Indemnity Insurance available.

EEOC Statement

IPSecure is an Affirmative Action Employer and does not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, disability or status as a protected veteran.