Cyber Security Engineer -Endpoint Protection Solutions Engineer (Hybrid remote)

itle: Cyber Security Engineer

Location: Washington, DC

Clearance: TS/SCI with the ability to obtain and maintain a CI polygraph

Responsibilities:

• Plan, research and design robust security architectures for IT projects
• Develop requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related network devices
• Design public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures
• Prepare cost estimates and identify integration issues
• Acquire a complete understanding of a customer's technology and information systems
• Perform vulnerability testing, risk analyses and security assessments
• Research security standards, security systems and authentication protocols
• Review and approve installation of firewall, VPN, routers, IDS scanning technologies and servers
• Provide technical supervision for (and guidance to) a security team
• Define, implement, and maintain corporate security policies and procedures
• Oversee security awareness programs and educational efforts
• Respond immediately to security-related incidents and provide a thorough post-event analysis
• Test final security structures to ensure they behave as expected
• Determine the most effective way to protect computers, networks, software, data and information systems against any possible attacks
• Plan, research and design robust security architectures for any IT project
• Test security solutions using industry standard analysis criteria
• Deliver technical reports and formal papers on test findings

Key Skills:

• Penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Secure coding practices
• Ethical hacking and threat modeling
• Identity and access management principles
• Application security and encryption technologies
• Secure network architectures
• Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication
• Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
• Router, switch and VLAN security
• Practices and methods of IT strategy, enterprise architecture and security architecture

Key Technology Familiarity:

• Windows, UNIX and Linux operating system
• Cloud Services (e.g. Amazon Web Services (AWS), Microsoft Azure, etc.)
• Microsoft Office suite
• Network operating systems
• MySQL/MSSQL database platforms
• Perimeter security controls - firewall, IDS/IPS, network access control and network segmentation
• Virtualization technologies
• Encryption technologies and standards
• Wireless security
• VPNs, VLANs, VoIP and other network routing methods
• Network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
• C, C++, C#, Java, Python, or other programming languages

Requirements:

• Bachelor's Degree in Computer Science, Software Engineering, Systems Engineering, Information Systems or a related technical discipline with 10+ yrs. of related work experience; an additional 4 years of work experience may be substituted in lieu of a degree
• Strong knowledge of PKI and encryption standards and data science a plus
• Excellent written and oral communication skills a must, with the ability to work independently or as a member of a team; must be comfortable working with personnel on all levels of an organization
• Must possess current DoD 8570 IAT III certification
• Current active TS/SCI clearance, with the ability to obtain and maintain a CI polygraph