2015-03-27

Requisition Number 50647BR
Job Family Cyber Security & Analysis
Position Title (WD) Cybersecurity Systems Engineer
Group (WD) Health & Civil
Telecommuting Options Telecommuting Not Allowed
Position Work Location (WD) BELTSVILLE,MD-ODELL RD (MDC043)
US Citizenship Required Yes
Clearance Required Yes - Interim Required to Start
Clearance Type Secret
Daily Responsibilities SRA is looking to hire a Cyber Security Engineer. The engineer will provide technical expertise working independently and/or with other engineers as part of internal Security Groups. The primary area of responsibility will be evaluating, integrating, and deploying new cybersecurity tools and capabilities based on a common platform. The Cybersecurity Systems Engineer will also deploy and maintain the common platform across multiple geographic regions. The individual will evaluate new security technologies (internal and external) and make appropriate recommendations to ensure technical assessment capabilities remain current.
The ideal candidate will have a solid understanding of cyber security in the domains of security vulnerabilities, malware TTPs, networking protocols, application development, information exchange models, and interface and GUI design and development.
This effort will require a skilled Cyber Security Systems Engineer to enable standardized and consistent processes, provide user training, implement innovative industry approaches and provide significant improvement to current capabilities.

Daily Responsibilities:

• Develop and deploy vulnerability and compliance scanning servers across a large enterprise (100,000+ nodes)
• Support and optimize various security capabilities, including but not limited to intrusion detection/prevention and network-based anomaly detection
• Integrate & optimize security event collectors and data feeds
• Perform system troubleshooting & maintenance
• Develop and deploy intrusion signature sets to intrusion detection and prevention toolsets
• Engage vendor product support to perform system support and product troubleshooting
• Work with incident response analysts to understand filters, rules, and business use case development processes
• Work hours are 8:00am – 5:00pm, Days TBD in Beltsville, MD.
Required: Degree None
Required: Basic Qualifications • 2+ years of hands-on experience in systems or network administration (e.g. experience administering Cisco switches, Microsoft Active Directory, VMware)
• 1+ year hands-on experience building and deploying virtual server images
• 1+ years hands-on experience with remote administration of VMware hosts with multiple guest images
• 2+ years enterprise support and deployment of multiple operating systems (e.g. Windows 2008/2012, Linux) on a virtual platform
• 1+ years hands-on experience with virtualization (e.g. VMware, Microsoft Hyper-V)
Required: Work Experience 0-3 Years
Desired: Competencies CompTIA - Security+ - CompTIA
VMware Certified Associate (VCA) - VMware
Cisco Certified Network Associate (CCNA) - Cisco Systems
Desired: Responsibilities Supports customers in the Certification and Accreditation (C&A) process for networks, systems and applications, developing System Security Plans (SSPs) and other documentation in accordance with agency established policies.
Provides advanced security monitoring including event, alert, and incident evaluation and determination assistance on escalated issues. Implements measures to prevent unauthorized software from being installed and executed on systems.
Recommends and supports the development and management of network security and incident response policies and procedures. Archives and audits security event logs in accordance with DoD policy.
Responds to known and possible network attacks in accordance with applicable DoD policies, directives, and instructions.
Provides technical computer security training to both internal and external audiences.  Conducts security product and suite research.
Offers investigative and computer forensics support. Conducts penetration tests. Provides patch and exploit dissemination.
Performs technical vulnerability assessments; engages in intrusion detection and prevention; provides incident reporting and response capability.
Ensures the integrity of detection and response platforms deployed in the SOC and continuously evaluates the efficiency and deployment of security systems and configurations to ensure the defensibility of the corporate network.
Deploys and maintains open source, commercial, and custom developed platforms that collect appropriate data to detect and respond to intrusions against the corporate network.
Builds, deploys, and maintains network security monitoring (NSM) and SOC infrastructure components critical to the collection of security event data and the SOC mission operating environment.  Develops and maintains configuration management and automation tools to maintain NSM platforms.
