Please send resume in WORD format should you be interested in the following Cyber Security System Engineer position in Washington, DC (zip code 20590) (Navy Yard area). The salary for this position will be between 110-123K.
There will be a 2-3 week waiting period before you can start due to security clearance requirements.
There are 2 positions so if you're not interested, please pass along to your friends and colleagues.
The Cyber Security System Engineer will perform continuous monitoring for NIST SP 800-171 (Protecting Controlled Unclassified Information) compliance by managing and monitoring servers, workstations, and network infrastructure to protect our client from security threats and vulnerabilities. Specific duties include but aren't limited to:
- Investigate, analyze, and respond to cyber incidents within the network environment or enclave, and perform tier 1, 2, and 3 malware analysis.
- As an integrated team, collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
- Identify Signature implementation impact(s) for viruses, malware, and attacks.
- Perform static malware analysis and isolate and remove malware. Report and communicate malware scan results and work cross-functionally with storage, network, server, software and application engineers to assess risk level, develop, and recommend appropriate vulnerability remediation measures.
- Support the organization's cyber defense policies and system configurations; evaluate and report compliance with regulations, policies, and organizational directives.
- Ensure Anti-Virus security tools are maintained, upgraded, and configured to meet standards.
- Use incident, event, problem, configuration, change and release management practices to report, track, implement solutions, and resolve security related issues. Ensure completed work is tracked in both the CSMC JAS tool and the ITSS Remedy tool.
- On-call rotation of 24/7 availability for security operations remediation services.
- Manage assignments and work independently to define, drive, and execute deliverables.
Required Job Experience:
- 7+ years of experience in security operations (vulnerability assessment, remediation, incident detection and response), with knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.).
- 5+ years of experience refining, implementing and executing incident response playbooks in conjunction with the Security Operations Center and Network Operations Center.
- 5+ years of experience configuring and utilizing software-based computer protection tools (e.g., Symantec Endpoint Protection, Trend Micro products, etc.), software firewalls and antivirus/anti-spyware software.
- 3+ years of experience analyzing captured malicious code (e.g., malware forensics).
- 3+ years of experience identifying, capturing, containing, and reporting malware (should include knowledge of malware with virtual machine detection, e.g., virtual-aware malware, debugger-aware malware, and unpacked malware that looks for VM-related strings in the display device).
- 3+ years of experience in protecting a network against malware (e.g., NIPS, anti-malware, restricting/preventing external devices, spam filters).
- Must have good communication skills, both written and verbal, and will be responsible for documentation of all aspects of various step-by-step system installation and configuration efforts.
- Demonstrated ability to facilitate automation and integration through scripting in PowerShell, Python, Perl, etc., is highly preferred.
- 2-3 years of experience with proactive threat analysis techniques, such as penetration testing, is a plus.
- Familiarity with Continuous Diagnostic Mitigation tools and Service Desk IT Service Management tools (Remedy) is a plus.
Required Clearance: Public Trust (or ability to obtain)
Required Education: Bachelor's or Master's degree (or industry equivalent experience).
Required Certifications: CompTIA Security+
Preferred Certifications: GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Enterprise Defender (GCED), and/or GIAC Security Essentials Certification (GSEC)