Please send resume in Word format if you are interested in this Senior Cyber Security Engineer opening near Ashburn, VA 20147. Looking for candidates that live locally to Leesburg, VA or don’t want to commute into Wash DC. Salary for this role is in the $150K-$200K range & EXCELLENT BENEFITS (6 weeks PTO & 7% match on 401K). Client is looking for someone that is a jack of all trades w/in IT Security. MUST BE A HIGH LEVEL ENGINEER –
SOC – Security Operations Center experience.
Incident Response to cyber events.
Threat analysis and/or threat hunting.
Technical background in security technologies, networking and systems.
If you are not interested please pass onto colleagues/associates as we do provide referral bonuses.
As the Senior Cyber Security Engineer, you will be responsible for protecting system boundaries and ensuring that IT systems, applications and network devices are hardened against threats. The position addresses potential information security incidents. You will utilize your exceptional communication skills to interact with both technical and non-technical colleagues, and to provide technical leadership for your colleagues and the organization.
Serves as the lead for day-to-day threat identification and vulnerability/risk analysis.
Perform advanced event and incident analysis, including baseline establishment and trend analysis.
Remain current on cyber security trends and intelligence in order to guide the security analysis & identification capabilities of the team.
Perform threat, vulnerability, risk assessments, and investigations.
Responsible for the engineering, design, implementation, maintenance, analysis, and administration of security technologies.
Participate in and lead projects for security requirements, network design reviews, and security testing for network, systems, and other IT teams.
Coordinate with the systems, network and development team to ensure network security standards are being followed and implemented correctly.
Evaluate new security technology & emerging threats and provide recommendations to strengthen the information security environment.
Coordinates the handling and resolution of incidents of security breach.
Provides analytical and technical security recommendations to other team members and other users.
Identifies requirements, based upon need or as the result of a security issue that puts the organization's systems at risk.
Experience with vulnerability scanning, and understands how to analyze discovery scan data and vulnerability data to determine unusual use configurations, discovery of aged software, and proper identification of high-severity vulnerabilities.
Perform internal and external penetration tests with multiple technologies.
Proactively conduct security threat analysis and recommend solutions to manage network, systems and application vulnerabilities.
Review and analyze new systems (hardware and software) and provide recommendations concerning their security.
Install, configure, and maintain information security technologies.
Active member to recommend effective security configurations and architecture.
Liaison to effectively communicate and architect security solutions.
Develops documentation to support ongoing security systems operations, maintenance and specific problem resolution.
Provide support off hours in addition to regular work days to troubleshoot escalated issues and apply production changes where needed.
Work in a multi-office environment and willingness to travel to other offices as required.
Bachelor’s degree in Computer Science, Information Technology or similar field, or equivalent experience.
8+ years of information security experience with a focus on network, application and architecture.
5+ years of security operations center experience with security monitoring and incident response.
Specific Information Security related experience including encryption, IDS/IPS, Firewalls, SIEMs and Log Management, syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessment.
Knowledge of email security gateway, cloud and virtual technologies.
In-depth knowledge of mapping business requirements to technology and ability to identify security gaps at the architecture level.
Knowledge of common security vulnerabilities such as: XSS/CSRF, SQL Injection, Buffer Overflow, and DoS attacks.
Knowledge of the HTTP protocol, including analyzing the request/response.
Demonstrated experience with commercial and open source testing and auditing tools such as Paros, BURP, nmap, and Metasploit.
Proven ability to clearly document and communicate security findings, risk description, risk level, and recommended solutions to stakeholders.
Understanding of networking, operating systems such as Linux and Windows.
Demonstrated knowledge of security industry standards and best practices such as OWASP and NIST.
Excellent interpersonal, analytical and problem-solving skills.
Proven ability to manage multiple tasks/projects.
GCIA, GNFA, CISSP, CEH, or other relevant certification preferred.