Job Description:
Short Description:
Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.

Complete Description:
Years of Experience:
8 or more years of experience in the field.

Job Description:
Will focus on Engineering supporting the following functional areas:
o Vulnerability Management
o Incident Response
o Forensics
o Security Operations
o Threat Analytics

Configure, troubleshoot, upgrade and support security infrastructure devices
Support various security platforms, including but not limited to: Vulnerability Management platform (Tenable); Security Incident Event Management (SIEM) platform (IBM’s QRadar); Content Filtering (WebSense); and various Symantec security platforms.
Identify and define system security requirements
Design computer security architecture and develop detailed cyber security designs
Prepare and document standard operating procedures and protocols
Engineer, implement and monitor security measures for the protection of computer systems, networks and information
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
Ensure that the company knows as much as possible, as quickly as possible, about security incidents
Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement

Skills:
· Cyber Security Related Certification (CISSP, OSCP, CEH, SANS, etc.) - Highly desired
· Platform Related Certification (MCSE, RHCE, etc.) - Highly desired
· BS degree in Computer Science or related field - Highly desired
· Proven work experience as a system security engineer or information security engineer or *nix/Windows server engineer – Required – 4 Years
· Experience in building and maintaining systems – Required - 4 Years
· Experience working in highly complex Information Technology environments (large company or government) – Required – 4 Years
· Experience in a system administration role supporting multiple platforms and applications – Required – 4 Years
· Experience with network security and networking technologies and with system, security, and network monitoring tools – Required - 4 Years
· Hands-on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management – Required – 4 Years
· Experience designing secure networks, systems and application architectures – Required – 4 Years
· Experience scripting in PowerShell, Bash, or Python - Highly desired – 4 Years
· Experience planning, researching and developing security policies, standards and procedures - Highly desired – 4 Years
· Thorough understanding of the latest security principles, techniques, and protocols – Required – 4 Years
· Detailed technical knowledge of database and operating system security – Required – 4 Years
· Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols - Highly desired – 4 Years

· Knowledge of risk assessment tools, technologies and methods - Nice to have – 4 Years
· Knowledge of disaster recovery, computer forensic tools, technologies and methods – Desired – 4 Years
· Ability to communicate network security issues to peers and management – Required – 4 Years
· Ability to read and use the results of mobile code, malicious code, and anti-virus software – Desired – 4 Years
· Problem solving skills – Required – 4 Years
· Experience in Security Operations and System Engineering – Required – 4 Years
· Practical experience with Vulnerability Management tools (e.g. Qualys, Tenable) – Desired – 4 Years
· Practical experience with SIEM tools (e.g. IBM QRadar, Splunk) – Desired – 4 Years