Cybersecurity Engineer I

Engineering Dulles, Virginia


Description

Position Location: Dulles, VA or Tampa, FL

 

Opportunity Summary

Maintain the day-to-day operations of the in-place security solutions while identifying, investigating, and resolving security breaches detected by those systems. The role also involves implementing new security solutions, participating in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, and conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

 

PRIMARY RESPONSIBILITIES / KEY RESULT AREAS

    Maintain the day-to-day operations of the in-place security solutions while identifying, investigating, and resolving security breaches detected by those systems

     Implementation of new security solutions to the enterprise security architecture, participation in the creation and/or maintenance of policies, standards, baselines, guidelines, and procedures, as well as conducting vulnerability audits and Business Continuity and Disaster Recovery tests and assessments

     Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors along with state-of-the-art telecommunications security as well as data security across multiple computer platforms

    Monitor all in-place security solutions for efficient and appropriate operations, while recommending security solutions or enhancements to security solutions to improve overall enterprise security

     Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically

    Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices), and ensure operational configurations are maintained.

    Review logs and reports of all in-place devices, whether they be under direct control (e.g., security tools) or not (e.g., workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution

      Participate in investigations into incidents and perform incident response functions as needed

      Participate in vulnerability assessments, penetration tests and security audits

      Coordinate with end users and technical staff to implement and maintain systems that utilize industry best practices to meet business objectives, while maintaining the security and integrity of the data, system, and network; provide on-call support as needed

      Generate metrics, project status reports and operating status reports for management and team members and maintain timely and accurate helpdesk records using the ticket management system.

 

QUALIFICATION & EXPERIENCE

         Two or more years of relevant experience

         Bachelor’s degree in Management Information Systems or comparable discipline is preferred

         U.S. citizen with ability to obtain Top Secret SCI Clearance is required; existing clearance preferred

         Applicants must have a current DoD-approved Professional IAM Level I Baseline Certification (CompTIA Sec+, etc.); IAM Level II desired (ISC2 CISSP, etc.)

         Expertise/experience in desired technical field to include:

  • Fundamental understanding of McAfee VirusScan with ePolicy Orchestrator, Splunk Enterprise, Microsoft Windows Server 2019 and Windows 10, Tenable Nessus, DISA SCAP Compliance Checker, Linux, VMware, Palo Alto Firewalls and PAN-OS
  • Review, auditing, and evaluation of applied Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
  • Fundamental understanding of the application, implementation, or verification of one or more of the following security control or certification frameworks, along with technical controls or enhancements: National Institute of Standards and Technology (NIST) Special Publication 800-53, DoD Risk Management Framework (RMF), CNSSI 1253, ISO/IEC 27003

 

 

SES is an Equal Opportunity and Affirmative Action Employer

 

SES Government Solutions is an Equal Opportunity and Affirmative Action Employer. SES Government Solutions is committed to workplace diversity, equity & inclusion. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, or any other characteristic protected by local, state, or federal law.