Security Engineer

Security Engineer

Location : Washington, D.C (On-site M-F at JBAB)

Duration : Full Time

Clearance : Security Clearance : TS / SCI + required and able to receive their PSD / Yankee White, or Active Yankee White Clearance

Company Description

Our Client is a top-rated cyber security firm that is passionate about providing excellent service to our clients, both government and commercial. They have a collaborative environment that encourages creativity, growth, and community, which allows you to have the opportunity to initiate and contribute to challenging projects, while continuing to grow in your professional career. Bring your creativity, innovation, and your relentless focus on customer service and join a cyber security team at its best!

Responsibilities and Duties

• Primarily responsible for the technical management of the security infrastructure for a Windows and Linux based network platform. The position will oversee all security system maintenance, upgrades, expansions, etc.
• Conducts security system maintenance, upgrades, etc. based on all DISA requirements and vendor recommendations
• Operate and maintain security infrastructure including IDSs, HBSS, etc. to ensure system and application performance / health monitoring. Develop and maintain security infrastructure policies and procedures in accordance with DISA standards.
• Manage security infrastructure servers on the WHMO network and ensure that all are maintained and upgraded according to the latest DISA guidelines.
• Create and maintain Host Intrusion Prevention System (HIPS) exceptions and firewall rules in efforts to ensure secure site configurations per DISA guidance.
• Monitor latest HBSS to detect faulty operation, anomalies, and security events.
• Develop, run, analyze, and maintain reports using SQL and HBSS reporting.
• Develop sorting rules, dashboards, data monitors, and filters using HBSS for first responders, analyst, and Information Assurance Manager.
• Deploy, tune, and configure software to detect and / or prevent malicious activity at host level.
• Develop and test new agents.
• Analyze the results of queries for "Interesting Events" and pass to first responders to open new investigation.
• Maintain logs.
• Work cooperatively with other divisions to resolve issues and meet objectives.
• Perform report and query generation.
• Interface with government customer and other divisions in order to provide a quality product that meets objectives.
• Develop written procedures and provide on-site training.
• Monitor and control all HBSS accounts including access level, policies changes, etc.
• Participate in special projects as required.
• Provide monthly status report.
• Create and maintain documentation of all HBSS system configurations.
• Develop and maintain all documentation for HBSS policies and procedures in accordance with DISA standards.
• Create and maintain documentation for all Host Intrusion Prevention System (HIPS) exceptions and firewall rules.
• Assist in any network / host intrusion investigation that requires HBSS logs.
• Maintain all records of reports developed, run, and analyzed using SQL and HBSS reporting.
• Maintain documentation of all sorting rules developed, dashboards setups, data monitors, and filters.
• Maintain all documentation of software and signatures used to detect and / or prevent malicious activity at host level.
• Develop written procedures and provide on-site HBSS training.
• Log all investigation progress details in Incident Response tracker.

Required Qualifications :

Desired Qualifications :