Security Engineer

Defense Engineering Inc Washington , DC 20319

Posted Yesterday

DEI has an exciting opportunity for a Security Engineer to provide technical support to a Federal Government agency in Washington, DC. The Security Engineer will be responsible for implementing security procedures to secure email, and update virus protection; additionally, they will provide Tier I and Tier II coverage for Incident Response and after action mitigation procedures.

PRIMARY RESPONSIBILITIES

  • Assist in the development of System Security Plan and other security related documentation

  • Monitoring network usage for security events

  • Undertakes routine preventative measures and implementing, maintaining, and monitoring network security, particularly if the network connects to the internet

  • Provide security training and technical support for users with varying levels of IT knowledge and competence

  • Execute vulnerability scans on a routine basis with tools such as Nessus or McAfee vulnerability scanner

  • Coordinate response to information security incidents

  • Conduct security audits, develop analytical reports as required, and manage remediation plans;

  • Collaborate with IT management to manage security vulnerabilities

  • Conduct security research in keeping abreast of latest security issues

  • Shall be knowledgeable in one or more of the following areas: Vulnerability scan tools such as Nessus and/or QRadar; SIEM implementation and configuring of McAfee SIEM; vulnerability management security of computer hardware; disaster recovery and contingency planning

BASIC REQUIRED QUALIFICATIONS

At least three (3) years of specialized IT experience and a Bachelor's degree in Computer Science, Information Systems, Engineering, Business, or other related scientific or technical field; or at least five (5) years of specialized IT experience and no degree requirement.

  • CISSP, CEH, or similar security certification

  • McAfee SIEM experience

  • Vulnerability Scanning

Defense Engineering Inc. (DEI), a Service Disabled Veteran Owned Small Business, headquartered in Alexandria, Virginia, is a growing IT engineering firm that specializes in modernizing and operating reliable IT systems by harnessing emerging technologies with proven innovations. Our capabilities include a full range of IT engineering, cyber security, IT strategic planning, IT operations, program management, software/application development, and IT communications implementation.

Defense Engineering, Inc. is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, national origin, age, veteran status, disability, or any other protected class.


Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Security Engineer

DXC Technology

Posted 2 days ago

VIEW JOBS 6/22/2018 12:00:00 AM 2018-09-20T00:00 Every day at Perspecta, we enable hundreds of thousands of people to take on our nation's most important work. We're a company founded on a diverse set of capabilities and skills, bound together by a single promise: we never stop solving our nation's most complex challenges. Our team of engineers, analysts, developers, investigators, integrators and architects work tirelessly to create innovative solutions. We continually push ourselves—to respond, to adapt, to go further. To look ahead to the changing landscape and develop new and innovative ways to serve our customers. Perspecta works with U.S. government customers in defense, intelligence, civilian, health care, and state and local markets. Our high-caliber employees are rewarded in many ways—not only through competitive salaries and benefits packages, but the opportunity to create a meaningful impact in jobs and on projects that matter. Perspecta's talented and robust workforce—14,000 strong—stands ready to welcome you to the team. Let's make an impact together. For more information, visit www.perspecta.com Perspecta has an immediate need in our US Public Sector group for a Security Engineer in Washington, DC. * Ensure that the appropriate operational security posture is maintained for assigned Information Systems (IS) under his/her purview, will work in close collaboration with the Information Systems Security Manager (ISSM), the Information System Owner (ISO), and other IS Stakeholders. The candidate will ensure that cyber security requirements are effectively integrated into the IS' operations, management, and documentation. The candidate will provide critical systems, application and infrastructure support to our Customer. The candidate will have the opportunity to work with a Team of ISSOs across multiple technical areas, on various system classification types and categorizations, as well as have the opportunity to collaborate with a diverse group of security professionals. * Responsibilities include, but are not limited to: * Work in close coordination with all system stakeholders; * Create and maintain existing information system security documentation, including System Security Plan (SSP), Security Controls Matrix and/or Assessment, and Security Configuration Guide (controlled changes to the system) * Develop or modify implementation and design documents describing how security features are implemented * Prepare system documentation for assessment in accordance with the Risk Management Framework (RMF) and NIST Special Publications (800-37, 800-53 and others); identify deficiencies and provide recommendations for solutions * Track findings with Plan of Action and Milestones (POA&M) through mitigation and/or risk acceptance * Responsible for elements of physical and environmental protection, personnel security, incident handling, and security training and awareness and ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures * Ensure all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before being granted access to the system, and periodically thereafter * Create security policies and maintain existing information system security documentation * Conduct periodic and continuous reviews of the system to ensure compliance with the authorization package * Work with the Information Assurance (IA) team to perform basic system administration and maintain various IA tools, including audit collection and reporting systems, vulnerability management programs, and other continuous monitoring capabilities * Participate in the change management process, including reviewing Requests for Change (RFC) and assist in the assessment of a potential change's security impact * Conduct daily, weekly and monthly audit review and management of the audit collection system * Continuously review and evaluate vendor, security, and business best practices for implementing a comprehensive audit program * Implement vulnerability management programs, including tracking and addressing IAVAs and security patches, accessing applicability to existing systems, and ensuring closure * Provide direction and guidance to less experienced IA personnel * Remain sensitive to security infractions and assist in security investigations and responses as requested * Monitor system recovery processes to ensure security features and functions are properly restored and functioning correctly following an outage EDUCATION & EXPERIENCE * A minimum of five (5) years of work experience in computer science or cyber security-related field. * Strong background and extensive experience with Risk Management Framework (RMF), ICD 503, NIST SP800-53 and 53a or DCID 6/3; knowledge of current authorization practices, particularly within the Department of Justice. Extensive background with DITSCAP/DIACAP may be substituted in some cases. * Certified in at least one of the following during the life of the contract: International Information Systems Security Certification Consortium (ISC2) Certified Information systems Security Professional (CISSP), the Global Information Assurance Certification (GIAC) Information Security Professional (GISP), or the Computing Technology Industry Association (CompTIA) Advanced Security Practitioner (CASP) or other certifications exemplifying DoD 8570.1 IAM level III proficiency * Bachelor's or advanced degree in Computer Science, Cyber Security, Mathematics, or Engineering is highly desirable. * Familiarity with the use and operation of such tools such as Tenable's Nessus and/or Security Center, IBM Guardium, HP WebInspect, AppDetect, Network Mapper (NMAP), or like applications; * Knowledge and experience with security efforts related to Windows, Linux, Solaris, VMWare, Cisco, Juniper, SQL, and Oracle. * Experience implementing and using various IA tools including vulnerability assessment, patch management, audit collection, audit review, audit management, and end-point protection * Analytical skills, with the capacity to quantify and/or qualify risks as they relate to the enterprise systems * Good communications skills, both in writing and orally US Citizenship, active Top Secret clearance, and SCI capable DXC Technology Washington DC

Security Engineer

Defense Engineering Inc