Senior Cyber Engineer

  • Talent Savant
  • Dulles, VA, USA
  • 04/09/2018
Top Secret SSBI SCI Cybersecurity Engineering - Hardware / Software Intelligence / CounterIntelligence IT / Telecom Science / Technology Development

Job Description

Senior Cyber Engineer 

Each Senior Cyber Engineer level may have additional education, skill and/or experience requirements.

Tasks include:

· Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents.

· Assess and analyze system security to identify and mitigate risks and vulnerabilities.

· Recommend countermeasures to mitigate risks and vulnerabilities.

· Prepare documentation, including incident reports, security recommendations, etc.

Required skills may include the following:

· Experience in intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis.

· Experience with standard security principles, policies, standards and industry best practices.

· Experience with software development.

· Understanding of Windows and UNIX operating systems.

· Understanding of security technologies and concepts; experience in design and implementation of secure network solutions, including DMZs and web portals.

· Knowledge of Information Assurance and Information Operations technologies and development activities.

· Understanding of the processes and guidelines for Certifying & Accrediting (DCID, ICD, NIST 800-53, SANS 20) information systems based upon experience on a large-scale development program.

· Practical experience hardening IT systems in compliance with STE/STIG guidelines.

· Possesses or quickly develops a comprehensive understanding of Government Information Security policies, regulations, and guidelines.

· Experience and knowledge of networking (TCP/IP, topology, sockets and security), operating systems (Windows/UNIX/Linux), and web technologies (Internet security).

· Active Top Secret/Sensitive Compartmented Information (TS/SCI) security clearance required.

· U.S. Citizenship required.

Desired skills include:

· Experience with Security Event Incident Management, Log Correlation and Network Behavior Anomaly detection systems (ArcSight, QRadar, Splunk, Mazu, Arbor, etc.).

· Experience and/or familiarity with one or more of the following: Java, Swing, Hibernate, Struts, JUnit, Perl, Ruby, Python, HTML, C, C++, .NET, ColdFusion, Adobe, Assembly language, etc.

· Demonstrated experience and/or familiarity with VMWare and virtual machines.

· Ability to write custom tools and modify existing intrusion detection tools.

· Experience with Agile development methodology.

· Experience with automated testing tools (e.g., RSpec, Cucumber, etc.).

· Experience with one or more of the following:

o Security COTS integration

o Security Incident Event Management

o Insider Threat Monitoring

o Operating System Hardening

o Vulnerability Assessment testing

o Identification and Authentication schemes

o Public Key Infrastructure and Identity Management

o Cross Domain Solutions

o Computer Network Exploitation (CNE)

o Computer Network Operations (CNO)

o Malware Analysis

o Reverse Software Engineering

o Security engineering

Certifications:

· DODI 8570.1-M Compliance at IAT Level I certification required.

Senior Cyber Engineer – I

· Four (4) or more years of cyber security experience required. [A Master’s degree in a related discipline may substitute for two (2) years of experience. A PhD may substitute for four (4) years of experience.]

· Bachelor’s degree in Cyber Security, Information Security, Software Engineering or a related discipline is required. [Six (6) years of experience (for a total of ten (10) or more years) may be substituted for a degree.]

Additional Responsibilities and/or Skills:

· Develop mitigation strategies, including influencing accessible assets and data flows (e.g., block behaviors, quarantine hosts and enclaves, block and modify traffic).

· Provide countermeasure recommendations and business cases based on standard security principles, policies, standards and industry best practices.

· Test and provision countermeasures.

· Mitigate attacks and threats by assessing the impact of countermeasures and response effects.

· Monitor and diagnose potential residual effects.

· Use encryption technology, penetration, risk management and vulnerability analysis of various security technologies and information technology security research.

· Gather data and formulate mitigation plans for effective and real-time incident response.

· Experience with ArcSight required.

Certifications:

· DODI 8570.1-M Compliance at IAT Level II desired; CISSP preferred.

· Information Systems Security Engineering Professional (ISSEP) certification highly desired.

· Certified Ethical Hacker (CEH) certification desired.

· SANS/GIAC Reverse Engineering Malware (GREM) certification desired.

Senior Cyber Engineer – II

· Six (6) or more years of cyber security experience required. [A Master’s degree in a related discipline may substitute for two (2) years of experience. A PhD may substitute for four (4) years of experience.]

· Bachelor’s degree in Cyber Security, Software Engineering or a related discipline is required. [Eight (8) years of experience (for a total of fourteen (14) or more years) may be substituted for a degree.]

Additional Responsibilities and/or Skills:

· Perform attack reconstruction, review threat data and investigate security incidents to determine extent of intrusion and compromise to system and data.

· Provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments.

· Auto-generate network traffic intelligence.

· Develop mitigation strategies, including influencing accessible assets and data flows (e.g., block behaviors, quarantine hosts and enclaves, block and modify traffic).

· Provide countermeasure recommendations and business cases based on standard security principles, policies, standards and industry best practices.

· Test and provision countermeasures.

· Mitigate attacks and threats by assessing the impact of countermeasures and response effects.

· Monitor and diagnose potential residual effects.

· Use encryption technology, penetration, risk management and vulnerability analysis of various security technologies and information technology security research.

· Gather data and formulate mitigation plans for effective and real-time incident response.

· Perform one or more of the following:

o Malicious payload analysis, inspection of PCAP payload at the application layer.

o De-obfuscation; transform source or machine code to human-readable code to assess script functionality.

o Botnet activity correlation: assess impact/effect of software robots (i.e., ‘bots’) that run autonomously, automatically and/or undetected.

· Assist in identification and implementation of appropriate information security functionality.

· Serve as a subject matter expert for application security in support of programs.

· Produce reports and briefs to provide accurate depiction of threat landscape and associated risks.

· Experience with ArcSight required.

· Experience with one or more of the following is required: MS Visual Studio, Driver Development Kit, IDA Pro, WinDbg, SoftICE, OllyDbg, VMWare, etc.

· Leadership experience desired.

Certifications:

· Certified Information Systems Security Professional (CISSP) certification required.

· Information Systems Security Engineering Professional (ISSEP) certification desired.

· Certified Ethical Hacker (CEH) certification desired.

· SANS/GIAC Reverse Engineering Malware (GREM) certification desired.

· ArcSight Certified Security Analyst (ACSA) or ArcSight Certified Advanced Security Analyst (ACASA) certification desired.