ClearanceJobs
2027487 Cyber Security Engineer $200,000.00
ClearanceJobs, Chantilly, Virginia, United States, 22021
Cyber Security Project Engineer
Position Requires a Top Secret (TS/SCI) Clearance with a Polygraph. The Customer supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Customer requires subject matter expertise in technical risk analysis of enterprise and mission systems, IT systems and networks, mobile and wireless networks, cloud-based computing, network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Customer's technical risk assessment activities. The Customer also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. Work Requirements: The Candidate shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. The Candidate shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being evaluated, from which real insights can be derived to inform risk assessor's judgement. The Candidate shall apply consistent and systematic investigative practices to comprehensively assess risks, identify and characterize threats and vulnerabilities. The Candidate shall evaluate system or network operations using network management platforms, network scanning tools, auditing functions, PCAP captures, and log reviews. The Candidate shall analyze system, network, or cloud configurations for mis-configured settings, configurations not required for deployment, removal of test scripts to minimize the configuration to fulfill the specific deployment. The Candidate shall analyze hardware and software used in a system or network for origin of manufacturer, known vulnerabilities, outdated hardware or software. The Candidate shall remain current with existing and future technologies to assist the Customer with identifying associated risks of implementing proposed technologies. The Candidate shall provide guidance of potential cyber threats, attacks, and exploitations and advise decision-makers of the inherent risks and mitigation to the Customer's equities. The Candidate shall ensure appropriate risk mitigation considerations are baked in early in the development cycle, and risks and vulnerabilities are well understood and appropriately mitigated. The Candidate shall organize and schedule work to effectively manage a case load. The Candidate shall track, document, and communicate progress status updates and weekly status updates on all technical risk assessment reports, cases describing potential security concerns and mitigations to enhance security posture. Mandatory Requirements: Developmental (0-2 years' experience) Full Performance (3-5 years' experience) Senior (6-10 years' experience) Expert (11-15 years' experience) SME (16+ years' experience) Cyber Security Support Demonstrated experience analyzing IT systems for cyber security vulnerabilities. Demonstrated experience developing IT system or network architecture design, conducting IP data flow analysis, encryption configuration, and vulnerability analysis using both open-source and commercial tools. Demonstrated experience analyzing IT network configurations of devices such as firewalls, routers, switches, VPNs, or Intrusion Detection/Prevention Systems for cyber security vulnerabilities. Demonstrated experience with communications protocols such as IP, TCP, UDP, HTTP, HTTPS, MPLS, OSPF, IGRP, BGP, SIP, H.232. Demonstrated experience with multiple OS's, including Windows, Linux, and OSX. Demonstrated experience with Microsoft Windows ver.; 7, 8, 10, 2008R2, 2012, 2012R2, or 2016. Demonstrated experience with cloud computing technology and hypervisors such as HyperV, VMWare ESX, or Virtual Box. Demonstrated experience with transitioning security domains and use of cross domain appliances. Demonstrated experience with network management systems, network storage, backup systems, and disaster recovery (DR) architectures. Demonstrated experience performing technical risk assessments and providing technical risk mitigation guidance. Demonstrated experience ensuring appropriate risk mitigation considerations, risks and vulnerabilities are well understood and appropriately mitigated. Demonstrated experience analyzing procurement processes of hardware, software and services to comply with cyber security and operational needs. Demonstrated experience creating concise and well-structured written assessments. Certifications: CISSP Certification. Optional Requirements: Cyber Security Support Demonstrated experience with the Customer's IT review boards. Demonstrated experience with providing recommendations to IT architecture and design reviews. Demonstrated experience with the Customer's security policies and regulations. Demonstrated experience providing recommendations in technical standards, security standards, and operational assurance. Demonstrated experience with USG standards such as Intelligence Community Directive (ICD) 503, Federal Information Processing Standards (FIPS), National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37, SP 800-39, SP 800-53, SP 800-53A, SP 800-60. Certifications: Certified Information Security Manager (CISM), Certified Ethical Hacker. B4Corp Company Information: B4Corp is a small defense contracting company that focuses on providing an optimum environment for mission-focused, highly skilled consultants to support the United States of America's intelligence community and other defense organizations. B4Corp provides a low overhead, highly efficient, high salary environment that allows employees to excel at meeting the client's needs. B4Corp is looking for information technology professionals that have a high sense of personal responsibility, self-motivation, and mission drive. B4Corp's dedication and care for its employees is reflected in our outstanding compensation and benefits package. B4Corp's benefits reflect the company's policy of putting the employees first. B4Corp's maximum flexibility comp / makeup time policy, along with the company's cafeteria-style benefit plan that allows employees to maximize their Benefit Dollars, reflects B4Corp's commitment to its employees. Compensation: Outstanding Salaries Retirement: Full Vanguard 401k Plan - Featuring a full scope of investment options - 100% employer matched contribution up to 6% of employee's salary - Ability to max out 401k savings $57k ($63.5k if over 50) Employees receive B4Corp phantom stock each year (2-year vesting period) Insurance: Medical - United Health Care (UHC) (multiple plan options) Dental - United Concordia (UC) Flex Plan Vision - Vision Service Plan Insurance Co (VSP) Signature Plans Mutual of Omaha short-term disability (60% of salary up to $2,000.00/week) Mutual of Omaha long-term disability (60% of salary up to $10,000.00/month) Mutual of Omaha life insurance ($200,000.00) Employee Referral Bonus: Refer a friend or a coworker and receive $3,000 per year for every year the person works for B4CORP Paid Time Off (PTO): Seven weeks of leave per year (including ten federal holidays) Flexible work schedule with comp time (with customer approval) Tuition and Training: Free CBTNuggets Online Training Account - More than 200 online IT courses on a large variety of topics, including networking, security, virtualization, and the cloud - Cisco, Microsoft, and Google - Virtual Labs Free Linux Academy Online Training Account
Position Requires a Top Secret (TS/SCI) Clearance with a Polygraph. The Customer supports a diverse set of corporate goals across the organization by conducting technical risk assessments and providing technical risk mitigation guidance on the use of various enabling technologies. The Customer requires subject matter expertise in technical risk analysis of enterprise and mission systems, IT systems and networks, mobile and wireless networks, cloud-based computing, network management platforms, communication protocols, scripting or programming products, configuration scripts, and IT hardware and software products in support of Customer's technical risk assessment activities. The Customer also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding. Work Requirements: The Candidate shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies. The Candidate shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being evaluated, from which real insights can be derived to inform risk assessor's judgement. The Candidate shall apply consistent and systematic investigative practices to comprehensively assess risks, identify and characterize threats and vulnerabilities. The Candidate shall evaluate system or network operations using network management platforms, network scanning tools, auditing functions, PCAP captures, and log reviews. The Candidate shall analyze system, network, or cloud configurations for mis-configured settings, configurations not required for deployment, removal of test scripts to minimize the configuration to fulfill the specific deployment. The Candidate shall analyze hardware and software used in a system or network for origin of manufacturer, known vulnerabilities, outdated hardware or software. The Candidate shall remain current with existing and future technologies to assist the Customer with identifying associated risks of implementing proposed technologies. The Candidate shall provide guidance of potential cyber threats, attacks, and exploitations and advise decision-makers of the inherent risks and mitigation to the Customer's equities. The Candidate shall ensure appropriate risk mitigation considerations are baked in early in the development cycle, and risks and vulnerabilities are well understood and appropriately mitigated. The Candidate shall organize and schedule work to effectively manage a case load. The Candidate shall track, document, and communicate progress status updates and weekly status updates on all technical risk assessment reports, cases describing potential security concerns and mitigations to enhance security posture. Mandatory Requirements: Developmental (0-2 years' experience) Full Performance (3-5 years' experience) Senior (6-10 years' experience) Expert (11-15 years' experience) SME (16+ years' experience) Cyber Security Support Demonstrated experience analyzing IT systems for cyber security vulnerabilities. Demonstrated experience developing IT system or network architecture design, conducting IP data flow analysis, encryption configuration, and vulnerability analysis using both open-source and commercial tools. Demonstrated experience analyzing IT network configurations of devices such as firewalls, routers, switches, VPNs, or Intrusion Detection/Prevention Systems for cyber security vulnerabilities. Demonstrated experience with communications protocols such as IP, TCP, UDP, HTTP, HTTPS, MPLS, OSPF, IGRP, BGP, SIP, H.232. Demonstrated experience with multiple OS's, including Windows, Linux, and OSX. Demonstrated experience with Microsoft Windows ver.; 7, 8, 10, 2008R2, 2012, 2012R2, or 2016. Demonstrated experience with cloud computing technology and hypervisors such as HyperV, VMWare ESX, or Virtual Box. Demonstrated experience with transitioning security domains and use of cross domain appliances. Demonstrated experience with network management systems, network storage, backup systems, and disaster recovery (DR) architectures. Demonstrated experience performing technical risk assessments and providing technical risk mitigation guidance. Demonstrated experience ensuring appropriate risk mitigation considerations, risks and vulnerabilities are well understood and appropriately mitigated. Demonstrated experience analyzing procurement processes of hardware, software and services to comply with cyber security and operational needs. Demonstrated experience creating concise and well-structured written assessments. Certifications: CISSP Certification. Optional Requirements: Cyber Security Support Demonstrated experience with the Customer's IT review boards. Demonstrated experience with providing recommendations to IT architecture and design reviews. Demonstrated experience with the Customer's security policies and regulations. Demonstrated experience providing recommendations in technical standards, security standards, and operational assurance. Demonstrated experience with USG standards such as Intelligence Community Directive (ICD) 503, Federal Information Processing Standards (FIPS), National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37, SP 800-39, SP 800-53, SP 800-53A, SP 800-60. Certifications: Certified Information Security Manager (CISM), Certified Ethical Hacker. B4Corp Company Information: B4Corp is a small defense contracting company that focuses on providing an optimum environment for mission-focused, highly skilled consultants to support the United States of America's intelligence community and other defense organizations. B4Corp provides a low overhead, highly efficient, high salary environment that allows employees to excel at meeting the client's needs. B4Corp is looking for information technology professionals that have a high sense of personal responsibility, self-motivation, and mission drive. B4Corp's dedication and care for its employees is reflected in our outstanding compensation and benefits package. B4Corp's benefits reflect the company's policy of putting the employees first. B4Corp's maximum flexibility comp / makeup time policy, along with the company's cafeteria-style benefit plan that allows employees to maximize their Benefit Dollars, reflects B4Corp's commitment to its employees. Compensation: Outstanding Salaries Retirement: Full Vanguard 401k Plan - Featuring a full scope of investment options - 100% employer matched contribution up to 6% of employee's salary - Ability to max out 401k savings $57k ($63.5k if over 50) Employees receive B4Corp phantom stock each year (2-year vesting period) Insurance: Medical - United Health Care (UHC) (multiple plan options) Dental - United Concordia (UC) Flex Plan Vision - Vision Service Plan Insurance Co (VSP) Signature Plans Mutual of Omaha short-term disability (60% of salary up to $2,000.00/week) Mutual of Omaha long-term disability (60% of salary up to $10,000.00/month) Mutual of Omaha life insurance ($200,000.00) Employee Referral Bonus: Refer a friend or a coworker and receive $3,000 per year for every year the person works for B4CORP Paid Time Off (PTO): Seven weeks of leave per year (including ten federal holidays) Flexible work schedule with comp time (with customer approval) Tuition and Training: Free CBTNuggets Online Training Account - More than 200 online IT courses on a large variety of topics, including networking, security, virtualization, and the cloud - Cisco, Microsoft, and Google - Virtual Labs Free Linux Academy Online Training Account