Posted

We are seeking a Senior Systems Security Engineer to join a team of experienced hands-on engineers supporting a government client in Washington, DC. The person in this position will provide on-site, hands-on expert technical engineering services on security engineering projects and supporting and working with existing security tools and systems.

Required Experience:

  • Bachelor’s degree or equivalent professional experience in the field of information security, computer engineering, information systems or related technical or functional discipline
  • A minimum of eight (8) years of relevant hands-on engineering work experience in the area of information/cyber security engineering or operations, with an emphasis on recent, relevant hands-on experience with security tools and devices such as network firewalls, web proxy, intrusion prevention system, intrusion detection systems, vulnerability scanner, and penetration testing tools
  • Two (2) or more years of hands-on experience in designing, architecting, and implementing security controls and securing enterprise-wide systems, applications, network, and infrastructure services
  • Strong familiarity and experience interpreting and implementing Federal compliance standards such as NIST 800-53, FIPS, FedRAMP
  • Specialization in one of the following fields with four (4) or more years of hands-on experience:
    • Implementation of DISA, CIS, or other major security controls on Windows Based operating systems and Microsoft applications using Active Directory (including .adm and .admx files and Registry configuration), PowerShell, LGPO, and other deployment methods
    • Implementation of DISA, CIS or other major security controls on RHEL (version 5-7) or MacOS operating systems
    • Operating System Firewall configuration on Windows and Linux Systems
    • Secure system to system communication including but not limited to RDP, WinRM, SSH
    • System level security protocols such as IPSec, PKI, SSL
    • Building and administering security devices such as network firewall, web proxy, data loss prevention systems, and intrusion prevention systems
    • Building and administering Network devices (e.g., Cisco, Juniper)
    • Conducting dynamic web application security testing, both manual testing and utilizing application security tools to discover exploitable vulnerabilities
    • Conducting database security assessment and monitoring

Professional Certification: Maintain at least one current professional certification. Acceptable certifications include: Any SANS GIAC Security certifications (Administration, Software, Forensics, or GSE Expert), ISC2, CISSP

Apply for this Position

  • Accepted file types: doc, docx, pdf.
  • This field is for validation purposes and should be left unchanged.