Mahantech Corporation

Cybersecurity Engineer 4 – Senior Security Operations Engineer

Mahantech Corporation, Richmond, Virginia, United States, 23214

Overview

Engagement Type: Contract

VDOT is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands-on experience in the areas of security policy, intrusion detection/prevention systems, perimeter security technology, and information security.

Job Overview: VDOT is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands-on experience in information systems security, security policy, intrusion detection/prevention systems, firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems, log analysis and management, and web content filtering; network protocols and security/authentication protocols at all layers of the OSI model with emphasis on TCP/IP; and web security gateways, network access control, endpoint security, and perimeter security technologies. The Senior Security Operations Engineer contributes to the overall technology roadmap.

Responsibilities

Participates in the design, implementation and support of security infrastructure for the Department.
Identifies network and information security risks across the enterprise, designs, engineers, and implements security solutions to address risks at an enterprise level.
Works closely with the IT Division and outside vendors to effectively design, plan, deploy, secure and update network projects in the environment.
Maintains effective collaboration with the Office of Information Security (OIS) and other ITD groups.
Completes Strategic Plan items pertinent to the Network Security Operations group.
Creates, documents, and maintains system policies and procedures.
Performs network scans and penetration testing; monitors log analysis and management tools for threats.
Evaluates vulnerability scan results and notifies business, application, and infrastructure teams of vulnerabilities in need of remediation.
Evaluates and participates in agency Azure cloud solution reviews of network, security, and general project involvement.
Ensures daily functions required to maintain security applicable systems and applications are documented.
Works with the agency’s ISO team and IT Auditors to review security audit findings and vulnerability scan results; identifies recommended corrective activities and communicates with stakeholders.
Device configurations are based on best practices.
Keeps relevant documentation up to date.
Coordinates the handling and resolution of security incidents.

Required/Desired Skills

Considerable knowledge and hands-on experience in information systems security and security policy — Required, 7 Years.
Considerable knowledge and hands-on experience with web security gateways, network access control, endpoint security, and perimeter security technologies — Required, 7 Years.
Considerable knowledge and hands-on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems — Required, 7 Years.
Considerable knowledge and hands-on experience with intrusion detection/prevention systems, log analysis and management, web content filtering — Required, 7 Years.
Considerable knowledge and experience with network protocols and security/authentication protocols at all layers of the OSI model with emphasis on TCP/IP — Required, 7 Years.
Demonstrated ability to identify security risks across the enterprise and perform day-to-day operations to protect integrity, confidentiality, and availability of information assets and technology infrastructure — Required, 7 Years.
Demonstrated ability to administer and protect the integrity, confidentiality, and availability of information assets and technology infrastructure — Required, 7 Years.
Considerable knowledge and hands-on experience detecting, responding to, and remediating security incidents — Required, 7 Years.
Considerable knowledge and hands-on experience remediating System Security Plans (SSP) and Risk Assessments (RA) in cybersecurity — Required, 7 Years.
Solid experience with performing threat, vulnerability, and risk assessments and coordinating the resolution of incidents related to security breaches at an enterprise level — Required, 7 Years.
Considerable knowledge and hands-on experience with web-related technologies and penetration testing tools — Required, 7 Years.
CISSP — Highly desired.