Cyber Security Engineer

Information Technology Richmond, Virginia Columbus, Ohio


Horizon Industries Limited (HIL) is a dynamic IT and Management Consulting firm based in the Washington, DC area. We are currently seeking a Cyber Security Engineer for a full-time position, supporting the Defense Logistics Agency (DLA) on location in Columbus, OH or Richmond, VA.

Job Description:

The JETS Program provides the full range of IT services, technical and management expertise that support applications, software, hardware, infrastructure, and systems, across the DLA IT Enterprise. Support is provided for information technology solutions, technical support, maintenance, and sustainment; operations support; application development, maintenance and technical support; and lifecycle management. Additionally, the program also supports administrative program management support for IT program offices and DLA Information Operations (J6) Office.   The program provides support technology services across the DLA Information Operations Enterprise, the DLA Program Executive Offices (PEO), and all other technology services currently supported through DLA Contracting Services Office (DCSO) acquisitions.


Duties of a CyberSecurity Engineer may include:

  • Performs a variety of routine project tasks applied to specialized information assurance problems
  • Tasks involve integration of electronic processes or methodologies to resolve total system problems, or technology problems as they relate to IA requirements
  • Analyzes information security requirements
  • Applies analytical and systematic approaches in the resolution of problems of work flow, organization, and planning
  • Provides security engineering support for planning, design, development, testing, demonstration, integration of information systems
  • Analyzes threat information gathered from logs, Intrusion Detection Systems (IDS), intelligence reports, vendor sites, and a variety of other sources
  • Creates customized dashboards using Security Information and Event Management (SIEM) tool ArcSight Event Security Manager (ESM) to elevate high threat items to incident responders
  • Provide analysis and make recommendations in line with the roles of NOSC Incident Handlers (IH) and site Information Assurance Managers (IAM)
  • Develop ESM rules, reports, dashboards, data monitors, active channels, trends and use cases to identify threats and optimize data mining across DLA
  • Will research, plan, install, configure, troubleshoot, maintain and backup all components in the DLA ArcSight Enterprise Log Management (ELM) architecture


Required Skills / Experience:

  • Administration knowledge of the ArcSight ESM and backend database infrastructure related to upgrades and daily maintenance is essential
  • Experience creating custom dashboards and reports in ArcSight ESM using threat data
  • Experience in the integration and sustainment of ArcSight Connector Appliance, Logger components, and ArcSight ESM
  • Possess a relevant certification meeting the DOD 8570.01 IAT III. One of the following:
    • CASP CE
    • CCNP Security
    • CISA
    • CISSP (or Associate)
    • GCED
    • GCIH
  • Must hold a DOD 8570 CNDSP Infrastructure Support certification. One of the following:
    • SSCP
    • CEH
  • One of the following Computing Environments with associate required experience: 
    • ACAS Administrator 
      • Four (4) years of experience maintaining Vulnerability scanning solutions in a DOD environment
    • Innerview Administrator 
      • Four (4) years of experience maintaining Insider Threat solutions in a DOD environment
    • RSA Archer Certified Administrator I or II AND MCSA, or MCSE in Microsoft Windows Server 2012, or 2016. 
      • One (1) to three (3) years of experience using RSA Archer
    • Linux+
    • ArcSight Administrator
    • IBM Certified Analyst - Security SiteProtector System
      • Four (4) years of experience creating customized signatures using SNORT and TRONS.
  • Seven (7) years of relevant IT experience
  • Must have an active DOD Top Secret Clearance at time of proposal submission
  • Must possess an active IT-I access level


Preferred Experience:   

  • Two (2) to four (4) years of experience supporting/using SIEM tools for incident response
  • Create custom dashboards and reports in ArcSight ESM using threat data.
  • Experience creating custom reports in ArcSight Logger
  • Experience in the integration and sustainment of ArcSight Connector Appliance and Logger components
  • Four (4) years of experience maintaining Linux Operating Systems
  • Four (4) years of experience supporting Windows Server Operating Systems
  • Four (4) years of experience creating customized scan signatures
  • Four (4) years of experience maintaining network IDS sensors, McAfee Network Security Platform (NSM) and IBM Site Protector, in a DOD environment
  • Four (4) years of experience tuning IDS signatures in a DOD environment
  • Knowledge of TCP/IP
  • Scripting skills - SQL, REGEX, BASH, PERL or VBA
  • Six (6) years of IA/cyber security experience, preferably DOD
  • System implementation and development (SDLC) experience
  • Two (2) years of experience maintaining ArcSight Logger in a DOD environment
  • Two (2) to four (4) years of experience supporting HP Fortify Software Security Center (SSC)
  • Two (2) to four (4) years of experience supporting Tenable Nessus/ACAS
  • Two (2) to four (4) years of experience supporting/using SIEM tools for incident response


Education: None

Location: Columbus, OH or Richmond, VA

Horizon is an Equal Employment Opportunity employer and it is our policy to consider all applicants for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, citizenship status, or any other factors prohibited by law. Horizon will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the Horizon’s legal duty to furnish information.