Senior Cyber Security Engineer with Security Clearance

Bespoke Technologies Inc.

2024-05-08 07:07:40

Dulles, Virginia, United States

Job type: fulltime

Job industry: I.T. & Communications

Job description

The Sr Cyber Security Engineer designs, develops, documents, analyzes, tests, integrates, debugs, conducts research and/or discovers and analyzes security flaws or vulnerabilities in software, networks, systems, and applications. The Sr Cyber Security Engineer ensures system security needs are established and maintained for various objects/matters. Responsibilities:
• Identify Security Requirements for systems.
• Ensure security requirements are planned, implemented, and tested.
• Test and verify requirements are implemented and documented for ATO purposes.
• Manage RMF process to obtain and maintain system ATO.
• Responsible for reviewing and commenting on security risks and security issues related to any Change Requests, Infrastructure Change Requests and Configuration Change Requests
• Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents.
• Assess and analyze system security to identify and mitigate risks and vulnerabilities.
• Recommend countermeasures to mitigate risks and vulnerabilities.
• Prepare/Update documentation, including incident reports, security recommendations, etc.
• Assist in identifying, prioritizing, and coordinating the protection of critical cybersecurity infrastructure and key resources.
• Perform basic system design functions, including interpretive analyses, chart preparation and associated diagrams/enhancement plans.
• Test existing and new technologies.
• Review/analyze requested changes for equipment, technology and/or other factors/trends, which are planned for deployment in the customer space.
• Support the configuration and administration of cyber security tools and systems. Required Skills:
• U.S. Citizenship
• Must hold an active Secret clearance and be able to obtain a TS/SCI clearance
• Must be able to obtain DHS Suitability
• 6+ years of applicable experience in cyber security
• Experience with commercial cyber tools and technologies
• Experience with standard security principles, policies, standards and industry best practices
• Experience and knowledge of networking (TCP/IP, topology, sockets and security) and web technologies (Internet security)
• Experience or knowledge of intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis Desired Skills:
• Experience in ServiceNow
• Experience with AWS Security Hub and Guard Duty
• Experience editing /auditing Security Groups, NACLs, or Access-Lists.
• Experience or knowledge of Endpoint Protection/Detection/Response and Extended Detection and Response solution
• Understanding and ideally experience with Windows or Linux/Unix operating systems.
• Experience with Security Event Incident Management (SEIM), Log Correlation and Network Behavior Anomaly detection systems
• Experience and/or familiarity with development languages such as: Java, Swing, JUnit, Perl, Python, HTML
• Demonstrated experience and/or familiarity with VMware and virtual machines.
• Experience with SAFe
• Experience with automated testing tools
• Experience with one or more of the following:
• Security COTS integration
• Security Incident Event Management
• Insider Threat Monitoring
• Operating System hardening tools
• Vulnerability assessment testing
• Penetration Testing
• Dynamic and Static Testing tools operations
• Identification and Authentication schemes
• Public Key Infrastructure and Identity Management
• Cross Domain Solutions
• Computer Network Exploitation (CNE)
• Computer Network Operations (CNO)
• Malware Analysis
• Reverse Software Engineering
• Ability to write custom tools and modify existing intrusion detection tools Required Education:
BS Cyber Engineering, Computer Science, Computer Engineering, Computer Information Systems, OR a related field. Two years of related work experience may be substituted for each year of degree level education. Desired Certifications:
• Information Systems Security Engineering Professional (ISSEP)
• Certified Ethical Hacker (CEH)
• SANS/GIAC Reverse Engineering Malware (GREM)
• ArcSight Certified Security Analyst (ACSA) or ArcSight Certified Advance Security Analyst (ACASA)
- Certified Information Systems Security Professional (CISSP)