CyberOps Security Engineer (Scanning & Incident Response) with Secret Clearance

Job Summary

We are seeking a Security Engineer to support our customer that will be responsible for assisting the Vulnerability Scanning team as well as maturing the operational and engineering functions within the Incident Response Service Line. The Security Engineer will report directly to the CyberOps Project Manager. Will be required to independently lead and or conduct enterprise and system-level Security Engineering tasks, while also working as part of the overall CyberOps team.

Position: Full-time

Citizenship: U.S. Citizenship

Location:Remote (90%) and Norfolk VA/Portsmouth VA

Clearance: Active DoD Secret Clearance

Responsibilities and Duties:Scanning & Incident Response (ACAS)

• Performs network vulnerability scanning using ACAS, and performs vulnerability analysis, vulnerability reporting in accordance with the provisions of DoD, DISA, and NIST policies, directives, and guidelines.
  
• Diagnoses and resolves ACAS vulnerability scanning credential failures, false positives, scanning issues and reporting issues.
  
• Provides detailed reports including data, analyses, and conclusions upon completion of tests, scans, and assessments, including mitigations and, if indicated, appropriate escalation of identified risks and vulnerabilities.
  
• Serves as a liaison for day-to-day incident response between the client site and the Cyber Security Operations Center (CSOC).
  
• Ensure timely response to any cyber incident to minimize risk exposure and production down time.
  
• Assists with incident response activities to include evidence collection, event correlation and threat containment.
  
• Assists collaboration with IA and business system s stakeholders during incident response.
  
• Tracks and documents incident response actions and experiences to include after-action reports, metrics, and lessons learned.
  
• Performs other Network Security/Information Assurance tasks as assigned.
  
• Leads/Participates in system/security policy and standards development, including writing guidelines, standards, procedures, and other technical documentation.
  

Qualifications and Skills:

Education

• 4 or more years IT engineering/network security/information assurance experience demonstrating successful command of technical and analytical skills and abilities described above.
  

Certifications

• Candidate is required to have, at a minimum IAT Level II certification in accordance with the DoD 8570.1 M Information Assurance Workforce Improvement Program (security +)
  

Knowledge & Skills

• Experience with cyber security incident response protocols (e.g., identification, impact assessment, containment, remediation, evidence handling, technical reporting, etc.) and safeguarding information.
  
• Scanning & Incident Response experience; ACAS experience
  
• Experience with IAVMs, DISA STIGs, POA&Ms, and related Federal/DoD policies and regulation.
  
• Basic knowledge of common Operating Systems to include, Windows 7/10/11, Unix, Windows Server 2008/2012/2016/2019/2022, Cisco Routers, Firewalls, Proxies, and Switches.
  
• Background in some or all of the following: Networking, Security Engineering, Systems Engineering, Configuration Management.
  
• Experience with network scanning tools: Tenable Nessus, Tenable Security Center.
  
• Knowledge of NIST RMF process to include DHS/DoD security and risk management policies and procedures.
  
• Excellent customer/client focus, with the ability to manage expectations appropriately, provide a superior customer/client experience and build long-term relationships.