The successful candidate will support overall network defense activities, provide in-depth analysis of suspected malicious code and/or infected systems and network devices, perform necessary inspection and reverse-engineering activities to understand the behavior of software, determine the root cause for the presence of threats, and develop recommendations to counter threats.
Duties, Tasks & Responsibilities
- Conducting proof of concept testing
- Designing, testing, and integrating new security products as directed
- Beta testing new capabilities when directed, and conducting software testing as required (patches and other updates)
- Maintaining a robust library of documentation, to include network diagrams for cyber defense capabilities and sensors, and making documentation available to all personnel with appropriate need-to-know
- Providing engineering support for all primary systems, such as network-based intrusion detection and prevention systems
- Maintaining, updating, and conducting routine vulnerability scanning across all Customer networks
- Overseeing patching, hardening, and baselining activities across all Customer networks, and ensuring all stakeholders are in compliance with patching/hardening requirements
- Maintaining, updating, configuring, and ensuring the successful deployment of logging/auditing tools across Customer networks
- Maintaining system baselines and configuration management items, including security event monitoring policies
- Working with all stakeholders to ensure complete and functioning systems that meet all requirements
- Ensuring all network defense capabilities are kept current, patched, and securely configured, and that management is informed of their status
- Analyzing data flows into, out of, and across Customer networks to identify and rectify any security gaps
- Performing limited penetration testing into targeted networks as directed
Required Experience, Skills, & Technologies
- Significant, hands-on experience with Splunk and other security/monitoring tools such as SolarWinds, WhatsUp Gold, or similar tools
- Experience working across a large team to drive a security agenda
- Experience working with complex, intertwined systems and data flows
- Significant, demonstrated experience meeting security requirements in the Customer’s environment or similar environments (prior ISSE experience)
- Experience inventorying complex networks, and with all facets of network documentation (security compliance, configuration management, patching, centralized authentication, removable media, etc.)
- Hands-on experience with a wide range of diverse technologies/disciplines, especially with a security focus (networking, UNIX/Linux, Windows, Storage, Virtualization, etc.)
- Expert-level abilities in the following areas:
  - Maintaining, configuring, and monitoring network security applications, network devices, encryption technologies, operating systems, and storage appliances
  - Securing information technology infrastructures
  - Monitoring network defense technologies and analyzing the outputs
  - Identifying and/or innovating solutions or measures to protect networks within budgetary and/or infrastructure constraints
  - Creating, maintaining, and communicating complex information technology documentation, particularly network and security documentation
  - Executing penetration tests, formal assessments, and other formal information security and compliance inspections
- Self-starter with excellent people skills – able to work across teams, organize meetings/boards, and drive change throughout an organization
Desired Experience, Skills & Technologies
- CCNA strongly desired
- CISSP strongly desired
- Experience with the Xacta 360 cyber risk and compliance automation tool
- Experience navigating the Sponsor’s accreditation process and ICD 503 requirements