Telos Corp.
Job Title
IA Engineer Lead Job Description
The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security. Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment! This position will be Remote. Responsibilities
Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications) Conduct and/or support authorized penetration testing on enterprise network assets Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes) Prepare assessment reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions Lead compliance framework assessments (e.g., NIST 800-53, HIPAA, SOC-2) Maintain deployable cyber defense assessment toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense assessment missions Provide formal written and verbal communication with customer leadership and technical staff regarding assessment findings and reports Coordinate virtual team communication via multiple collaboration tools with team members and leadership Lead small to mid-sized projects with oversight and guidance from manager Job Requirements
Qualifications: Bachelor's Degree in Cybersecurity, Computer Science, Mathematics, Information Technology or related field, and 8 years of experience, or a Master's with 6 years of experience; equivalent experience and professional training/certifications to offset degree requirements will be considered Five years minimum of experience in information assurance/cybersecurity Clearance eligible required; Current clearance preferred (i.e., DoD Secret) The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship Must possess one of the following certifications: CISSP, CEH, SSCP, OSCP, Security+, CAP Skill in: Conducting vulnerability scans and recognizing vulnerabilities in security systems Conducting application vulnerability assessments The use of penetration testing tools and techniques Using network analysis tools to identify vulnerabilities Assessing compliance with standard configuration baselines (DISA STIG/SRC, CIS Benchmark) Assessing the application of cryptography Assessing the robustness of security systems and designs Mimicking threat behaviors The use of social engineering techniques Performing impact/risk assessments Identifying systemic security issues based on the analysis of vulnerability and configuration data Assessing security controls against recognized compliance frameworks (e.g., NIST 800-53) Knowledge of: Application vulnerabilities Computer networking concepts and protocols, and network security methodologies Network traffic standards and technology (TCP/IP, IP, OSI, etc.) Penetration testing principles, tools, and techniques System and application security threats and vulnerabilities (e.g., buffer overflow, XSS, injections, etc.) Risk management processes Network security architecture concepts including topology, protocols, components, and defense-in-depth Legal, regulatory, and ethical aspects related to cybersecurity Industry standard compliance frameworks (NIST 800-53, CIS) Cybersecurity principles and threats Cryptography and cryptographic key management concepts Host/network access control mechanisms (e.g., ACLs) and PKI concepts Network protocols such as TCP/IP, DNS, DHCP, and directory services System administration concepts for Unix/Linux and/or Windows OS hardening General attack stages and defensive considerations The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship. Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment. Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the SSA and/or DHS of your authorization to work in the United States. Telos offers compensation commensurate with experience and benefits. Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities. If you need a reasonable accommodation, please contact us at 1-800-283-1911. Telos Corporation is an EEO/AA employer. Job Type
Full-Time Location
Ashburn, VA 20147 US (Primary)
#J-18808-Ljbffr
IA Engineer Lead Job Description
The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security. Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment! This position will be Remote. Responsibilities
Perform technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications) Conduct and/or support authorized penetration testing on enterprise network assets Make recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes) Prepare assessment reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions Lead compliance framework assessments (e.g., NIST 800-53, HIPAA, SOC-2) Maintain deployable cyber defense assessment toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense assessment missions Provide formal written and verbal communication with customer leadership and technical staff regarding assessment findings and reports Coordinate virtual team communication via multiple collaboration tools with team members and leadership Lead small to mid-sized projects with oversight and guidance from manager Job Requirements
Qualifications: Bachelor's Degree in Cybersecurity, Computer Science, Mathematics, Information Technology or related field, and 8 years of experience, or a Master's with 6 years of experience; equivalent experience and professional training/certifications to offset degree requirements will be considered Five years minimum of experience in information assurance/cybersecurity Clearance eligible required; Current clearance preferred (i.e., DoD Secret) The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship Must possess one of the following certifications: CISSP, CEH, SSCP, OSCP, Security+, CAP Skill in: Conducting vulnerability scans and recognizing vulnerabilities in security systems Conducting application vulnerability assessments The use of penetration testing tools and techniques Using network analysis tools to identify vulnerabilities Assessing compliance with standard configuration baselines (DISA STIG/SRC, CIS Benchmark) Assessing the application of cryptography Assessing the robustness of security systems and designs Mimicking threat behaviors The use of social engineering techniques Performing impact/risk assessments Identifying systemic security issues based on the analysis of vulnerability and configuration data Assessing security controls against recognized compliance frameworks (e.g., NIST 800-53) Knowledge of: Application vulnerabilities Computer networking concepts and protocols, and network security methodologies Network traffic standards and technology (TCP/IP, IP, OSI, etc.) Penetration testing principles, tools, and techniques System and application security threats and vulnerabilities (e.g., buffer overflow, XSS, injections, etc.) Risk management processes Network security architecture concepts including topology, protocols, components, and defense-in-depth Legal, regulatory, and ethical aspects related to cybersecurity Industry standard compliance frameworks (NIST 800-53, CIS) Cybersecurity principles and threats Cryptography and cryptographic key management concepts Host/network access control mechanisms (e.g., ACLs) and PKI concepts Network protocols such as TCP/IP, DNS, DHCP, and directory services System administration concepts for Unix/Linux and/or Windows OS hardening General attack stages and defensive considerations The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship. Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment. Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the SSA and/or DHS of your authorization to work in the United States. Telos offers compensation commensurate with experience and benefits. Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities. If you need a reasonable accommodation, please contact us at 1-800-283-1911. Telos Corporation is an EEO/AA employer. Job Type
Full-Time Location
Ashburn, VA 20147 US (Primary)
#J-18808-Ljbffr