Sr Cyber Security Engineer (Rockville, MD)
- $100K - $150K Annual Salary
- Full Time
- Health Insurance, Dental Insurance
Per Federal Govt Sector, U.S. Citizenship is Required
Must be able to pass background check and drug screen
Contract to Hire Permanent
Rockville, MD 20850 - NIH
This program includes Vulnerability Management, Security Operations, Prevention and Maintenance support, Software Assurance, as well as Event Detection and Incident Response. You will support NIH’s critical scientific and business activities related to infrastructure, clinical and laboratory science, computational science, and hosted application delivery, and security operations and engineering support related to server and desktop systems.
You will support existing tools and leverage your technical background to make the tools more effective and identify new processes and tools to protect this environment. You will use Tenable Nessus, QRadar SIEM, and IDS systems.
You will work collaboratively with user and infrastructure support teams to define and apply security policy and standards across the larger NIAID environment, working with end users, stakeholders, and support teams alike to define and establish this secure environment. You will work to collect and understand metrics to present to system owners.
You will inspire and foster confidence in others with your abilities to effectively communicate with various customer communities to understand their needs, and provide them guidance on how to best protect them through your technical solutions.
RESPONSIBILITIES & DUTIES
- Provide an understanding and application of security governance and best practices
- Demonstrate a strong understanding of an enterprise technical environment and system engineering/administration actions
- Provide Vulnerability Management oversight
- Support secure system development lifecycles
- Maintain and promote secure tools and infrastructure
- Perform Event Detection and Incident Response
- Plan, understand and communicate risk, as well as methods to reduce this risk
- Develop an understanding of how change to various environments can result in changes to risk posture
- Provide technical leadership to infrastructure teams to effectively translate security policy and best practices into action within the desktop support, infrastructure engineering and operations teams, and user communities
QUALIFICATIONS & SKILLS
- Bachelor's degree and/or equivalent work experience
- 10+ years progressively technical hands-on experience and/or training in desktop, server, network, and system development, engineering, and administration (or equivalent combination of education and experience)
- Minimum 4+ years security experience using Tenable Nessus, QRadar SIEM, and IDS systems.
One or more of the following certifications is preferred:
- CISSP certification is strongly preferred, or ability to obtain within 6 months
- CEH certification
- SANS Security Related Certifications (e.g. GSEC, GCIH)
- Cisco Network Certifications (CCNA, CCNP)
- Microsoft MCSA/MCSE
Strong understanding of an enterprise technical environment and system administration actions -
- Experience with large and complex Linux, Windows, and/or Mac desktop and server operating systems environments
- Experience with operating in a MS Active Directory environment
- Experience with applications and tools within a highly diverse enterprise environment
- Experience with virtual and physically managed infrastructures
- Experience working within a diverse and heterogeneous network environment
Vulnerability Management -
- Experience identifying, coordinating and communicating, and resolving system vulnerabilities leveraging a vulnerability management tool such as Tenable Nessus, Retina, or other similar scanning systems
- Ability to work with various technology teams to remediate and validate corrective actions.
System Development -
- Understanding of securing internet tools and protections associated with DMZ on a public facing network
Secure Infrastructure -
- Understanding of developing secure baseline configurations across various platforms, operating systems, and tools.
Event Detection and Incident Response -
- Understanding of tools and techniques used to identify abnormal behavior, including Intrusion Detection Systems (IDS), Security Information and Event Management (SIEM) systems, and other relevant tools.
- SIEM (IBM QRadar): Tune and filter logs, create exceptions, configure to receive logs from other systems, create reports.
- IDS/IPS (Cisco Firepower): Configure, deploy, monitor and tune IDS/IPS signatures, security/threat intelligence feeds
- Network Access Control (NAC) (ForeScout): Configure, deploy and administer NAC system. Refine device classification and clarification. KEY
- Firewalls (Check Point, Cisco ASA): Configure and upgrade firewalls, add/delete rules, analyze logs, implement management server redundancy, optimize and audit rule base.
- VPN (Cisco ASA): Configure and maintain, add rules, add routers, maintain SSL certificates
- Vulnerability Management (Tenable Security Center and Scanners): Install and configure entire system, upgrade, expand scanning segments as needed, create and maintain reports. Create and schedule asset, vulnerability and configuration scans for the enterprise.
- Anti-Virus (McAfee VirusScan Enterprise with ePolicy Orchestrator): Administer system, upgrade system, create file/directory scanning exclusions.