| Title: Senior Systems Engineer
|
| Location: Springfield, VA
|
| Job Type: Direct Hire
|
| Compensation: $80,000.00 to $90,000.00 per Year
|
| Reference Code: 940516-AQG
|
Description: The Senior Systems Engineer administers security controls to prevent hackers from infiltrating company information or applications. He/She maintains security systems for routers and switches, administers security policies to control access to systems, maintains the company's firewall, and provides information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information.
Duties:
- Perform daily Intrusion Detection Sensor (IDS) monitoring and signature tuning
- Review event correlation and security monitoring tool reports and provide incident response as necessary
- Review alerts and packet-level data collected from probes and sniffers and provide deep-packet inspection as required
- Conduct periodic vulnerability assessments of both internal and public-facing enterprise components
- Develop and perform web application security posture validations
- Provide incident response functions when appropriate and coordinate activities with ITSO
- Support the ITSO in publishing incidents, alerts, advisories, and bulletins as required
- Conduct research pertaining to the latest viruses, worms, etc.
- Support Information Assurance asset deployments, upgrades, and maintenance; including sensors, data collection servers, network assets and firewall administration
- Work with various technology teams to ensure toolsets used to detect infrastructure security issues are deployed on all necessary platforms
- Monitor alerts from the firm's Computer Security Incident Response Team and other Security Event Management sources, and drive timely remediation of issues
- Create and maintain scorecards and reporting to display our risk profile and provide insight to management for decision making
- Actively participate in firm-wide vulnerability management forums designed to keep lines of business up-to-date on process changes and upcoming projects
- Participate in security planning/risk assessment
|
Requirements: To be considered for this opportunity, you must possess:
- Bachelor of Science or equivalent degree, or equivalent work experience
- 3-5 years of experience in information security
- Demonstrated ability to develop and implement information security policies, procedures, standards, and practices
- Knowledge of application development life cycle models and issues, especially pertaining to security components
- Familiarity with federal regulatory and legal requirements and with ISO17799 security standards
- Demonstrated knowledge and understanding of information security industry trends and emerging technologies, and an ability to relate them to the company and its objectives
- Knowledge of and implementation experience with security technologies and architecture, including encryption, network security, firewall configuration, and intrusion detection
- Experience in vulnerability management, including testing, scanning, and patching
- Experience conducting and mitigating security/risk assessments
- Strong communication and facilitation skills
- Strong analytical skills
- CISSP or other security certifications are preferred
|
|
|
|
|
|
|