Information Security Engineer, Staff (Grimlock)

AT&T, Chantilly, VA 22022

Posted 3 months ago

Job Description: Seeking experienced security incident response operations analysts to manage confidentiality, integrity, and availability of internal and customer-facing networks and protection of vital information from cyber adversaries. This position will involve cybersecurity incident response threat validation and reporting, incident and threat coordination and communication, participation in the development of cyber analysis growth and improvement opportunities and advisory boards, extensive writing and briefing opportunities, and developing reports and risk assessments for several government programs.

  • The ideal candidate must be a self-starter, customer-focused, team player, and be able to coordinate and collaborate on multiple issues simultaneously with many stakeholders.

  • Candidate must have relevant networking experience (e.g. TCP/IP stack, DNS, BGP, metadata, IDS/IPS) and be able to serve as a Subject Matter Expert in security event identification, known threat validation and analysis, and network vulnerability analysis and reporting.

  • Candidates must have expertise in security information and event management tools, collecting and analyzing host-based (Windows and Linux) and network-based data, using Computer Network Defense or forensic tools, gathering and interpreting information, performing Internet research, identifying mitigation strategies, and effectively communicating results.

  • Should have demonstrated analytic ability to discover unknown, suspicious or exploitation activity and analyze exploitation opportunities and expertise to evaluate and recommend information security enhancements, product upgrades, and tools to ensure minimal exposures.

  • Excellent communications skills, that include the ability to provide formal documentation of analysis and/or research results to include briefings, reports, writing, training of lower tiers, and editing at a technical/professional level, are required.

  • Candidates should possess a bachelor's degree, as a minimum, in a related field such as math, science, computing, or engineering.

  • A minimum of 5 years of relevant cybersecurity experience is required.

  • Must be flexible with work hours and willing to work shifts when required to meet mission needs.

Prerequisites / Qualifications:
Candidates should be methodical and prolific writers with acute attention to detail.

Candidates should have a minimum of 3-5 years security incident handling expertise within a security operations center. Understanding of government Tier 2 security operations center roles and responsibilities and CND playbooks or incident response plans related to security operations are desired. Candidate should have relevant networking experience (e.g. TCP/IP stack, DNS, BGP, metadata, IDS/IPS) and be able to coordinate with other security teams in areas such as security event identification, known threat validation and analysis, and network vulnerability analysis and reporting. Security+, GCIA, CEH, CIH, or CISSP certification is desired. Security operations experience with Splunk Enterprise Security in the role of incident responder is desired.

Incident handling with 8-10 years security operations center expertise supporting customer-facing elements and internal security information management systems. Prior experience with open source vulnerability tools such as nmap, autoscan, Nessus, Wireshark, snort, etc. is desired. Understanding of government Tier 2 security operations center roles and responsibilities, CND playbooks and incident response plans, and business continuity plans related to security operations are desired.

Required Tools and Skills:
Splunk, Splunk Enterprise Security, Incident Response, Windows, Linux, Networking.

Education: Bachelor's in Computer Science (Information Management, Computer Information Systems (CIS)) or five (5) years of practical experience in the IS environment with a minimum of three (3) years direct CND experience. The CISSP and/or CISM is required. Minimum DOD 8140/DOD 8570 IAM Level II Certification.

Required Clearance: U.S. Citizen; minimum TS/SCI/TK and CI Poly

Job ID 1843307 Date posted 11/16/2018
