Sr. Cyber Security Engineer

About The Position

Requirements

• Bachelor's degree and 4+ years of relevant experience
• 8570 IAT Level 2 Certification (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, or SSCP) is required.
• TS/SCI is required.
• Experience building and maintaining Splunk instances in a DoD-specific environment.
• Experience using Splunk or other SIEM to correlate events and identify possible security events and incidents; must then be able to track down the root cause of these events and work with the CIRT team to conduct incident response actions.
• Proficiency in both UNIX/LINUX and Windows system administration and configuration.
• Proficiency in networking technologies and principles; routing, switching, subnetting.
• Familiarity with deployments to and implementation of security functions in virtualized environments (VMware & Hyper-V)
• Familiarity with Windows, UNIX/LINUX, and applications logs, such as database and web server logs
• Experience implementing and auditing DISA STIG hardening configurations.
• Working knowledge of database and operating system security.
• Understanding of the latest security principles, techniques, and protocols.
• Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously, coordinating resources and ensuring scheduled goals are met.
• Excellent verbal and written communication skills are required.

Responsibilities

• Responsible for analyzing the security of hardware (SoC, MCU, etc.) and low-level operating system components of consumer devices.
• Responsible for providing systems security support for the protection of information system assets.
• Implementation of technology that supports network defense, vulnerability management, and incident response based on our client's unique mission needs.
• Assess and review risks and work with product engineers to create mitigations.
• Develop and execute policies, standards, and procedures.
• Develop and deliver security training, promote awareness, and educate product engineers on technology.
• Research on the latest standard methodologies, trends, threats, vulnerabilities, and technology frameworks
• Splunk subject matter expert, responsible for engineering and maintenance of multiple clustered instances
• Implement and maintain security stack components, such as IDS/IPS, firewalls, SIEM, and host-based security systems.
• Mature the existing Splunk instances to support robust incident detection and insider threat programs.
• Build system configuration baselines that leverage the Security Content Automation Protocol (SCAP) for both Windows and UNIX/LINUX operating systems.
• Engineer event log correlation solutions to support effective customer response to security incidents.
• Conduct incident response actions based on detected events and incidents.
• Validate and develop cybersecurity requirements.
• Develop cybersecurity engineering solutions for various aspects of security.
• Work with stakeholders in functional and technical areas in support of engineering tasks.
• Provide customers with reports and other informational products.
• Other duties as assigned.