Cybersecurity Engineer

Requirements

Required

Secret Security clearance with ability to obtain TS/SCI

Job Description Summary

Work depends on several Cybersecurity Engineers joining our team to support Department of State activities at Sterling, VA. As a Cybersecurity Engineer supporting Department of State (DoS) Commercial Solutions for Classified (CSfC) deployment, you will be trusted to secure DoS CSfC services. Reporting to the Cybersecurity Operations Lead, you will be responsible for strengthening the defensive posture and cyber defense operational readiness of a CSfC deployment and collaborating with DoS cybersecurity operations to assure the program defends and protects Government assets from external Cybersecurity attacks and Insider Threats that can potentially cause or create data, systems, networks, and personnel vulnerabilities.

Responsibilities
  • Must have strong analytical and technical skills in computer network defense operations, ability to lead efforts in Incident Handling (Detection, Analysis, Triage), Hunting (anomalous pattern detection and content management) and Malware Analysis
  • Experience and ability analyzing information technology security events to discern events that qualify as legitimate security incidents as opposed to non-incidents. This includes security event triage, incident investigation, implementing countermeasures, and conducting incident response
  • Must be knowledgeable and have hands-on experience with Security Information and Event Monitoring (SIEM) platforms and/or log management systems that perform log collection, analysis, correlation, and alerting
  • Strong logical/critical thinking abilities, especially analyzing security events (Windows event logs, network traffic, IDS events for malicious intent)
  • Excellent organizational skills and attention to detail in tracking activities within various Security Operation workflows
  • Experience with the identification and implementation of counter-measures or mitigating controls for deployment and implementation in the enterprise network environment
  • Experience with one or more of the following technologies: Network Threat Hunting, Big Data Analytics, Endpoint Threat Detection and Response, SIEM, workflow and ticketing, and Intrusion Detection System
  • Maintain current knowledge of relevant CSfC technology and willingness to contribute to other software deployment and management
  • Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts
  • An understanding of researching emerging threats and recommending monitoring content within security tools
  • Experience in analyzing NetFlow data and packet capture (PCAP)
  • Robust knowledge of common attack methodologies, tactics and protocols
  • Knowledge of the TCP and IP protocol suite, security architecture, DNS and remote access security
What you'll need
  • Bachelor’s degree in a Computer Science, Engineering or Information Technology related field is desired; however, a combination of education and equivalent experience is accepted
  • 4-6 years of experience in cybersecurity
  • Demonstrate proven experience (with tangible outcomes and results), a can-do attitude, an ability to influence internal and external customers, and a leadership and communication style required to foster agreement and productive outcomes
  • Aware of Android and iOS technical differences
  • Experience using Microsoft Office including MS Visio, MS Word, MS Excel and other appropriate tools.
  • Strong English communication skills with ability to lead working groups, communicating clearly and succinctly in written and oral presentations
  • Technical knowledge of any of: Cisco ICE/UCS, ForcePoint (High Speed Guard McAfee), InfoBlox, MetricStream, Radiant Logic, Tenable Security Center, Sciencelogic, SonarSource, Appscan HCL
