Job Details

Senior IT Security Engineer (833) (02/05/2016)

Rockville, MD

  • Provide an understanding and application of security governance and best practices
  • Develop and perform IT system security scans, result analysis, vulnerability categorization, and dissemination of results
  • Recommend, implement and administer Security Information and Event Management (SIEM) tools
  • Researches escalated vulnerability issues, recommend remediation and/or mitigation solution, assist system administrators with implementation
  • Support system administrators in implementation of NIST, FISMA and other information security checklists and guidelines
  • Research requirements for successful remediation of Plan of Action and Milestones (POA&M), recommend solutions, assist system administrators and software engineers with implementation
  • Maintain knowledge of technical and non-technical security regulations, interprets requirements, communicates with IT staff and senior management
  • Participate in security control assessment activities
  • Participate and assists in researching evaluating, and development of security solutions, policies, procedures, and guidance
  • Maintain and promote secure tools and infrastructure
  • Perform Event Detection and Incident Response
  • Support secure system development lifecycles
 

Additional Job Duties/Responsibilities: 

 

  • Must demonstrate a strong understanding of an enterprise technical environment and system administration actions
  • Must demonstrate excellent verbal and written communication skills 

Required Skill

Primary Skills

  • Minimum ten (10) years of experience in information technology is required.
  • At least five (5) years security administration experience is preferred.
  • Bachelor Degree in information technology or associated discipline; may substitute any of the major certifications or years of experience in related field in lieu of a degree.
  • Must have (or must be able to obtain within 6 months of employment) professional security certification such as CISSP
  • Experience with network vulnerability scanning, analysis, and vulnerability remediation and mitigation
  • Knowledge of NIST Special Publication 800 series documentation with strong understanding of SP 800-53 controls
  • Experience in implementation of FDCC/USGCB, NIST Checklist Program, and/or DISA STIGs.
  • Strong MS Windows Server and Desktop background, preferably MSCP, understanding of active directory group policy objects
  • Strong Linux/Unix background
  • Solid understanding of TCP/IP networking
  • Familiar with Plan of Action and Milestones (POA&M) process
  • Documentation, presentation, and technical writing experience
  • Able to communicate effectively through written and verbal means to co-workers and leadership
  • Experience utilizing security tools such as Tenable Nessus, HP Fortify, TrustWave Hailstorm, IBM Appscan, Avecto DefendPoint
  • Must be able to communicate technical information both verbally and written to both technical and non-technical audiences.
  • Must be able to manage and appropriately prioritize multiple projects/tasks in a fast-paced, dynamic environment.
  • Must be able to pay close attention to detail
  • Must be able to lead and cross-train other staff as necessary.

Secondary Skills

Apply Now

Personal Information

Upload resumé

Additional Information