Security Engineer Lead
Employment Type: Full-Time
Requisition #: SECUR02795
Job Title: Security Engineer Lead
Location: Arlington, VA 22203
Clearance Level: Active DoD - Secret
Required Certification(s): DOD 8570 IAT II certified: Security+, SSCP, GSEC, GICSP, CCNA-Security, or CySA+ certification; IAT III certifications also qualify: CISA, CISSP, CASP CE, GCIH, or GCED
**Selected applicants may be subject to a government security investigation and must meet eligibility requirements for access to classified information.**
SUMMARY:
Agile Defense has an immediate, funded opportunity for a Security Engineer to support our mission critical customer in Arlington, VA. Qualified candidates must possess an active DoD Secret clearance or higher.
DUTIES:
- Mission Statement: Tests, implements, deploys, maintains, reviews and administers the infrastructure hardware and software that are required to effectively manage the computer network defense (CND) service provider network resources. Monitors network to actively remediate unauthorized activities.
- Basic experience administering and automating Linux systems
- Scripting experience in PowerShell/Bash
- Programming and automation experience utilizing Ruby/Python/Perl
- Network Access Control (NAC) experience: ForeScout CounterACT, Cisco ISE
- Firewall experience: Cisco ASA, Cisco IOS FW, Palo Alto
- Network TAP/SPAN aggregators: Cisco Nexus with Data Broker, Gigamon, Ixia
- Virtualization / Cloud experience: VMware ESX and NSX, KVM, Xen Server, Azure / AWS
- ACAS operations (Security Center, Nessus Scanner and PVS)
- Splunk operations
- In-depth operational work with Network Detection and Response (NDRs) and incident response tools
- Provide implementation of technology that supports network defense, vulnerability management, and incident response based on our client’s unique mission needs.
- Implement and maintain security stack components, such as IDS/IPS, firewalls, SIEM, and host-based security systems.
- Mature the existing Splunk instances to support robust incident detection and insider threat programs
- Build system configuration baselines that leverage the Security Content Automation Protocol (SCAP) for both Windows and UNIX operating systems.
- Engineer event log correlation solutions to support effective customer response to security incidents.
- Conduct incident response actions based on detected events and incidents
- Research and analysis of new security products for technology insertion
- Validate and develop cybersecurity requirements
- Develop cybersecurity engineering solutions for various aspects of security
- Work with stakeholders in functional and technical areas in support of engineering tasks
- The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job.
- Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job.
Qualifications
Education and Certifications:
- DOD 8570 IAT II certified: Security+, SSCP, GSEC, GICSP, CCNA-Security, or CySA+ certification; IAT III certifications also qualify: CISA, CISSP, CASP CE, GCIH, or GCED
- At a minimum, the candidate will have a bachelor’s degree in an IT-related, math, or scientific program; will consider equivalent professional experience and certifications in lieu of degree
Background Needed and Years of Experience:
- Candidate must have at least five (5) years of cybersecurity experience, ten (10) years of IT experience, and be able to demonstrate solid knowledge of cybersecurity principles and practices, as well as an advanced understanding of various technologies
- Extensive experience building and maintaining Splunk instances in a DoD/IC specific environment
- Experience using Splunk or other SIEM to correlate events and identify possible security events and incidents; must then be able to track down root cause of these events and work with CIRT team to conduct incident response actions
Additional Skills & Qualifications
Must Have Technical Skills:
- Technical proficiency in both *NIX and Windows system administration and configuration.
- Technical proficiency in networking technologies and principles; routing, switching, subnetting
- Familiarity with deployments to and implementation of security functions in virtualized environments (VMware & Hyper-V)
- Familiarity with Windows, *NIX, and applications logs, such as database and web server logs
- Experience integrating, configuring, and operating the following: Tenable Nessus (ACAS), McAfee ePO (HBSS), next generation firewalls (NGFW) such as Palo Alto Networks, Network IDS/IPS such as Sourcefire
- Experience implementing and auditing DISA STIG hardening configurations
- Advanced-level understanding of load balancing using the F5 BIG-IP suite of toolsets, specifically the LTM and GTM modules
- Experience developing infrastructure to support highly available web applications
- Advanced level understanding of Network Engineering and security considerations as they apply to load balancing and constrained delegation functionality
- Preferred experience working with the F5 virtual appliance, vs. a physical deployment
- Excellent communication skills, written and verbal, to be able to effectively document solutions and obtain requirements from customers
Preferred Technical Skills:
- Software development experience
- Scripting experience (PowerShell, Perl, Ruby, JavaScript)
- Experience with Risk Management Framework (RMF) and NIST 800 series
- Experience with regular expressions (REGEX)
- Familiarity with multi-level classification systems; single networks which support multiple classifications through the use of DAC and trusted cross-domain guards
- Splunk Administrator or Splunk Architect Certification
- Experience with SolarWinds for monitoring
- Experience with NAC supporting 802.1X authentication
- Experience with NGFWs such as Palo Alto
- Experience with IDS/IPS such as Snort, Cisco FireSIGHT, and/or Bro
- Experience with packet analysis through full capture tools
- Experience with Cyber Deception tools
- Experience with inline threat prevention such as FireEye or Lastline
Supervisory Duties:
- Leads the Security Engineering team
WORKING CONDITIONS:
Possible off-hours work to support releases and outages. General office environment with a fast-paced ops tempo. Work is generally sedentary in nature, but may require standing and walking for up to 10% of the time. The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust, etc. Work is generally performed within an office environment, with standard office equipment available.
Strength Demands:
Sedentary – 10 lbs. maximum lifting, occasional lift/carry of small articles. Some occasional walking or standing may be required. Jobs are sedentary if walking and standing are required only occasionally, and all other sedentary criteria are met.
Physical Requirements:
- Stand or Sit
- Walk
- Repetitive Motion
- Use Hands / Fingers to Handle or Feel
- Talk or Hear
- See
***
About Us!
Agile Defense is an Information Technology Solutions provider committed to partnering with our customers to deliver the highest level of service. We provide Information Technology (IT) services to the U.S. Government, including several United States Civil agencies and various branches within the U.S. Department of Defense.
Agile Defense has established a solid reputation for partnering with our customers to deliver innovative IT solutions with our “Listen. Think. Innovate.” philosophy.
At Agile Defense, we know that our employees are our most important asset. We believe in our responsibility to our fellow employees, customers, company, and to our country. We promote teamwork, integrity, and creativity; we expect our fellow employees to also live these values.
Agile Defense, Inc. does not discriminate in practices or employment opportunities on the basis of an individual's race, color, national or ethnic origin, religion, age, sex, gender, sexual orientation, marital status, veteran status, disability, or any other proscribed category set forth in federal or state regulations.