Cyber Security Engineer, Avid Technology Professionals, LLC, Dulles, VA
Avid Technology Professionals, LLC -
Dulles, VA,
US
Cyber Security Engineer
Date Posted: 2024-04-19
Job description
The Sr Cyber Security Engineer designs, develops, documents, analyzes, tests, integrates, debugs, conducts research and/or discovers and analyzes security flaws or vulnerabilities in software, networks, systems, and applications. The Sr Cyber Security Engineer ensures system security needs are established and maintained for various objects/matters.
Responsibilities:
Identify Security Requirements for systems.
Ensure security requirements are planned, implemented, and tested.
Test and verify requirements are implemented and documented for ATO purposes.
Manage RMF process to obtain and maintain system ATO.
Responsible for reviewing and commenting on security risks and security issues related to any Change Requests, Infrastructure Change Requests and Configuration Change Requests
Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents.
Assess and analyze system security to identify and mitigate risks and vulnerabilities.
Recommend countermeasures to mitigate risks and vulnerabilities.
Prepare/Update documentation, including incident reports, security recommendations, etc.
Assist in identifying, prioritizing, and coordinating the protection of critical cybersecurity infrastructure and key resources.
Perform basic system design functions, including interpretive analyses, chart preparation and associated diagrams/enhancement plans.
Test existing and new technologies.
Review/analyze requested changes for equipment, technology and/or other factors/trends, which are planned for deployment in the customer space.
Support the configuration and administration of cyber security tools and systems.
MANDATORY SKILLS: 6+ years of applicable experience in cyber security
Experience with commercial cyber tools and technologies
Experience with standard security principles, policies, standards and industry best practices
Experience and knowledge of networking (TCP/IP, topology, sockets and security) and web technologies (Internet security)
Experience or knowledge of intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
Required Education:
BS Cyber Engineering, Computer Science, Computer Engineering, Computer Information Systems, OR a related field. Two years of related work experience may be substituted for each year of degree level education.
U.S. Citizenship
Must hold an active Secret clearance and be able to obtain a TS/SCI clearance
Must be able to obtain DHS Suitability
OPTIONAL SKILLS: Experience in ServiceNow
Experience with AWS Security Hub and Guard Duty
Experience editing /auditing Security Groups, NACLs, or Access-Lists.
Experience or knowledge of Endpoint Protection/Detection/Response and Extended Detection and Response solution
Understanding and ideally experience with Windows or Linux/Unix operating systems.
Experience with Security Event Incident Management (SEIM), Log Correlation and Network Behavior Anomaly detection systems
Experience and/or familiarity with development languages such as: Java, Swing, JUnit, Perl, Python, HTML
Demonstrated experience and/or familiarity with VMware and virtual machines.
Experience with SAFe
Experience with automated testing tools
Experience with one or more of the following:
Security COTS integration
Security Incident Event Management
threat Monitoring
Operating System hardening tools
Vulnerability assessment testing
Penetration Testing
Dynamic and Static Testing tools operations
Identification and Authentication schemes
Public Key Infrastructure and Identity Management
Cross Domain Solutions
Computer Network Exploitation (CNE)
Computer Network Operations (CNO)
Malware Analysis
Reverse Software Engineering
Ability to write custom tools and modify existing intrusion detection tools
Desired Certifications:
Information Systems Security Engineering Professional (ISSEP)
Certified Ethical Hacker (CEH)
SANS/GIAC Reverse Engineering Malware (GREM)
ArcSight Certified Security Analyst (ACSA) or ArcSight Certified Advance Security Analyst (ACASA)
- Certified Information Systems Security Professional (CISSP)
Responsibilities:
Identify Security Requirements for systems.
Ensure security requirements are planned, implemented, and tested.
Test and verify requirements are implemented and documented for ATO purposes.
Manage RMF process to obtain and maintain system ATO.
Responsible for reviewing and commenting on security risks and security issues related to any Change Requests, Infrastructure Change Requests and Configuration Change Requests
Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents.
Assess and analyze system security to identify and mitigate risks and vulnerabilities.
Recommend countermeasures to mitigate risks and vulnerabilities.
Prepare/Update documentation, including incident reports, security recommendations, etc.
Assist in identifying, prioritizing, and coordinating the protection of critical cybersecurity infrastructure and key resources.
Perform basic system design functions, including interpretive analyses, chart preparation and associated diagrams/enhancement plans.
Test existing and new technologies.
Review/analyze requested changes for equipment, technology and/or other factors/trends, which are planned for deployment in the customer space.
Support the configuration and administration of cyber security tools and systems.
MANDATORY SKILLS: 6+ years of applicable experience in cyber security
Experience with commercial cyber tools and technologies
Experience with standard security principles, policies, standards and industry best practices
Experience and knowledge of networking (TCP/IP, topology, sockets and security) and web technologies (Internet security)
Experience or knowledge of intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
Required Education:
BS Cyber Engineering, Computer Science, Computer Engineering, Computer Information Systems, OR a related field. Two years of related work experience may be substituted for each year of degree level education.
U.S. Citizenship
Must hold an active Secret clearance and be able to obtain a TS/SCI clearance
Must be able to obtain DHS Suitability
OPTIONAL SKILLS: Experience in ServiceNow
Experience with AWS Security Hub and Guard Duty
Experience editing /auditing Security Groups, NACLs, or Access-Lists.
Experience or knowledge of Endpoint Protection/Detection/Response and Extended Detection and Response solution
Understanding and ideally experience with Windows or Linux/Unix operating systems.
Experience with Security Event Incident Management (SEIM), Log Correlation and Network Behavior Anomaly detection systems
Experience and/or familiarity with development languages such as: Java, Swing, JUnit, Perl, Python, HTML
Demonstrated experience and/or familiarity with VMware and virtual machines.
Experience with SAFe
Experience with automated testing tools
Experience with one or more of the following:
Security COTS integration
Security Incident Event Management
threat Monitoring
Operating System hardening tools
Vulnerability assessment testing
Penetration Testing
Dynamic and Static Testing tools operations
Identification and Authentication schemes
Public Key Infrastructure and Identity Management
Cross Domain Solutions
Computer Network Exploitation (CNE)
Computer Network Operations (CNO)
Malware Analysis
Reverse Software Engineering
Ability to write custom tools and modify existing intrusion detection tools
Desired Certifications:
Information Systems Security Engineering Professional (ISSEP)
Certified Ethical Hacker (CEH)
SANS/GIAC Reverse Engineering Malware (GREM)
ArcSight Certified Security Analyst (ACSA) or ArcSight Certified Advance Security Analyst (ACASA)
- Certified Information Systems Security Professional (CISSP)
About AvidTechnology Professionals
Avid Technology Professionals, LLC (ATP) is a premiere provider of software and systems engineering, and acquisition program management services for the community. ATP is actively seeking to pursue contract opportunities with other departments and agencies in the federal government, in state governments, and in the commercial sectors. Delivered by seasoned experts in the IT field, ATP solutions adeptly address the IT concerns manifesting in both the federal and commercial sectors.
Employee Benefits
The ATP Employee Benefits package includes:
The ATP Employee Benefits package includes:
- A Supportive and Equitable Working Environment that is both Stimulating and Challenging
- Competitive Hourly Salary
- Unique Employee Success Sharing Program that allows ATP employees to Share in Company's Successes
- Automatic Approved Overtime (as long as contract permits)
- Retirement Pay (401K); 100% company paid, immediately vested with Profit-Sharing Component
- Company Medical Coverage Plans - HMO, Open Access, PPO plans
- Company Dental Plan - widely accepted, comprehensive, and flexible
- Progressive Overtime Policy
- Flexible Spending Account benefit
- Lucrative Referral Bonus Policy
- Holiday Scheduling that Coincides with Government Holidays
- Robust Professional Expenses & Training Program
- Computer Allowance
- Internet Allowance
- Short and Long Term Disability
- Life Insurance