Jobs via Dice
Job ID:
777674
Position:
Senior Security Operations Engineer (Cybersecurity Engineer 4)
Client:
State of Virginia Department of Transportation
Duration:
12+ Months
Location:
Richmond, VA (Onsite / Hybrid)
Job Overview We are seeking an experienced Senior Security Operations Engineer to support the Virginia Department of Transportation’s cybersecurity program. The engineer will possess deep knowledge in information systems security, intrusion detection and prevention, firewalls, anti‑virus and anti‑malware tools, authentication systems, log analysis, and network protocols across all OSI layers. They will contribute to the overall technology roadmap and oversee security infrastructure implementation.
Key Responsibilities
Participate in the design, implementation and support of security infrastructure for the Department.
Identify network and information security risks across the enterprise and design, engineer, implement security solutions to address those risks at an enterprise level.
Work closely with the IT Division and outside vendors to design, plan, deploy, secure and update network projects.
Maintain effective collaboration with the Office of Information Security (OIS) and other ITD groups.
Complete strategic plan items for the Network Security Operations group.
Create, document, and maintain system policies and procedures.
Perform network scans and penetration testing; monitor log analysis tools for threats.
Evaluate vulnerability scan results and notify business, application, and infrastructure teams of required remediation.
Participate in agency Azure cloud solution review of network, security, and general project involvement.
Document daily functions required to maintain security‑applicable systems and applications.
Collaborate with the agency’s ISO team and auditors to review security audit findings, recommend corrective actions and communicate with stakeholders.
Ensure device configurations follow best practices.
Keep relevant documentation up to date.
Coordinate handling and resolution of security incidents.
Required Skills & Qualifications
Considerable knowledge and hands‑on experience in information systems security, security policy, web security gateways, network access control, endpoint security and perimeter security technologies.
Hands‑on experience with firewalls, anti‑virus software, anti‑malware, anti‑phishing, authentication systems, intrusion detection/prevention systems, log analysis and management, and web content filtering.
Expertise in network protocols and security/authentication protocols at all OSI layers with emphasis on TCP/IP.
Demonstrated ability to identify security risks across the enterprise and perform day‑to‑day operations to protect information assets and infrastructure.
Experience in detecting, responding to, and remediating security incidents.
Experience remediating System Security Plans (SSP) and Risk Assessments (RA) in cybersecurity.
Strong threat, vulnerability and risk assessment skills; coordinating handling and resolution of security breaches at an enterprise level.
Hands‑on experience with web technologies and penetration testing tools.
Certified Information Systems Security Professional (CISSP) preferred.
#J-18808-Ljbffr
777674
Position:
Senior Security Operations Engineer (Cybersecurity Engineer 4)
Client:
State of Virginia Department of Transportation
Duration:
12+ Months
Location:
Richmond, VA (Onsite / Hybrid)
Job Overview We are seeking an experienced Senior Security Operations Engineer to support the Virginia Department of Transportation’s cybersecurity program. The engineer will possess deep knowledge in information systems security, intrusion detection and prevention, firewalls, anti‑virus and anti‑malware tools, authentication systems, log analysis, and network protocols across all OSI layers. They will contribute to the overall technology roadmap and oversee security infrastructure implementation.
Key Responsibilities
Participate in the design, implementation and support of security infrastructure for the Department.
Identify network and information security risks across the enterprise and design, engineer, implement security solutions to address those risks at an enterprise level.
Work closely with the IT Division and outside vendors to design, plan, deploy, secure and update network projects.
Maintain effective collaboration with the Office of Information Security (OIS) and other ITD groups.
Complete strategic plan items for the Network Security Operations group.
Create, document, and maintain system policies and procedures.
Perform network scans and penetration testing; monitor log analysis tools for threats.
Evaluate vulnerability scan results and notify business, application, and infrastructure teams of required remediation.
Participate in agency Azure cloud solution review of network, security, and general project involvement.
Document daily functions required to maintain security‑applicable systems and applications.
Collaborate with the agency’s ISO team and auditors to review security audit findings, recommend corrective actions and communicate with stakeholders.
Ensure device configurations follow best practices.
Keep relevant documentation up to date.
Coordinate handling and resolution of security incidents.
Required Skills & Qualifications
Considerable knowledge and hands‑on experience in information systems security, security policy, web security gateways, network access control, endpoint security and perimeter security technologies.
Hands‑on experience with firewalls, anti‑virus software, anti‑malware, anti‑phishing, authentication systems, intrusion detection/prevention systems, log analysis and management, and web content filtering.
Expertise in network protocols and security/authentication protocols at all OSI layers with emphasis on TCP/IP.
Demonstrated ability to identify security risks across the enterprise and perform day‑to‑day operations to protect information assets and infrastructure.
Experience in detecting, responding to, and remediating security incidents.
Experience remediating System Security Plans (SSP) and Risk Assessments (RA) in cybersecurity.
Strong threat, vulnerability and risk assessment skills; coordinating handling and resolution of security breaches at an enterprise level.
Hands‑on experience with web technologies and penetration testing tools.
Certified Information Systems Security Professional (CISSP) preferred.
#J-18808-Ljbffr