Security Engineer (ITSEC) SE II
Position ID: 844
USmax Corporation is seeking a Security Engineer to support our customer in a highly dynamic, cross-functional, complex data center environment. The successful candidate will be responsible for assisting the Vulnerability Scanning team as well as maturing the operational and engineering functions within the Incident Response Service Line to become the subject matter expert. The Security Engineer will report directly to the ITSEC Project Manager, while independently leading and or conducting enterprise and system-level Security Engineering tasks.
• Performs network vulnerability scanning using ACAS, and performs vulnerability analysis, vulnerability reporting in accordance with the provisions of DoD, DISA, and NIST policies, directives, and guidelines.
• Diagnoses and resolves ACAS vulnerability scanning credential failures, false positives, scanning issues and reporting issues.
• Provides detailed reports including data, analyses, and conclusions upon completion of tests, scans, and assessments, including mitigations and, if indicated, appropriate escalation of identified risks and vulnerabilities.
• Serves as the main liaison for day-to-day incident response between our operations team and the client.
• Ensure timely response to any cyber incident to minimize risk exposure and production down time.
• Assists with incident response activities to include evidence collection, event correlation and threat containment on behalf of client.
• Drives collaboration with IA and business system’s stakeholders during incident response.
• Tracks and documents incident response actions and experiences to include after-action reports, metrics, and lessons learned.
• Performs other Network Security/Information Assurance tasks as assigned.
• Leads/Participates in system/security policy and standards development, including writing guidelines, standards, procedures, and other technical documentation.
Minimum 5 or more years IT engineering/network security/information assurance experience demonstrating successful command of technical and analytical skills.
Knowledge & Skills:
• Experience with cyber security incident response protocols (e.g., identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding information.
• Experience with IAVMs, DISA STIGs, POA&Ms, and related Federal/DoD policies and regulation.
• Basic knowledge of common Operating Systems to include, Windows 7/10, Unix, Windows Server 2008/2012, Cisco Routers, Firewalls, Proxies, and Switches.
• Background in some or all of the following: Networking, Security Engineering, Systems Engineering, Configuration Management.
• Experience with network scanning tools: Tenable Nessus, Tenable Security Center.
• Knowledge of NIST RMF process to include DHS/DoD security and risk management policies and procedures.
• Excellent customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.
Active secret clearance
Bachelor’s degree in Information Technology field or equivalent work experience.
Candidate is required to have, at a minimum IAT Level II certification in accordance with the DoD 8570.1 M Information Assurance Workforce Improvement Program.
USmax Corporation is an Equal Opportunity Employer, M/F/D/V.
Click here for a summary of your equal employment opportunity rights on the "EEO is the Law" poster.
USmax participates in E-Verify. Download the PDF for more details.