Security Engineer - XOR Security Springfield, Virginia, United States

Listing Description

Job Description: Senior-level Security Engineer 

XOR Security is currently seeking talented Security Engineers to support an Agency-level Focused Operations (FO) team at DHS. This program provides targeted threat monitoring and response capabilities requiring analysts to have advanced levels of experience in security event monitoring, incident response, malware analysis and reverse engineering, cyber intelligence, insider threat, penetration testing, and fusion analysis. These positions will focus on Security Engineering of advanced analytic tool suites. To support this vital mission, XOR staff are at the forefront of providing Advanced Analytics and Systems Engineering support, including the development of advanced analytics and countermeasures to protect critical assets from hostile adversaries.

Security Engineers will support the Security Engineering Team (SET) to provide network maintenance, FISMA compliance and special projects engineering support. The SET maintains, configures, and installs all supported hardware and software residing within EAS, provides support for all FO engineering special projects, and provides those services on a 24x7 (24 hours, 7 days a week) basis. While the contractor will perform “onsite” maintenance during normal business hours, we require that staff maintain their availability on a 24x7 basis, as cyber incidents requiring action can occur at any time and on any day. This team performs engineering and system administration services on all FO systems located on-premises, in the cloud and in wireless environments. These systems include threat emulation, custom big data analytics, open-source and COTS/Government-off-the-Shelf (GOTS) tools as listed below:

1) Case/Incident, Cyber Threat, Cyber Intelligence Trending Tracking Tool  

2) Enterprise Tactical Operations Tool  

3) Litigation Support/FOIA and Forensics Tools  

4) Hunting and Threat Emulation Tools  

5) Other FO Development Projects (As Assigned)  


Job Duties 

  • Implement automation and orchestration capabilities within the FO environment.

  • Produce design and development documentation for the on-premises and cloud-based solutions provided. Documentation includes standard operating procedures (SOPs), technical documentation, etc.

  • Provide support for TSA Public Key Infrastructure (PKI) functions, including system administrative support for creating and setting up certificates on systems. Must provide analysis related to the design, development, security and integration of hardware, software, man-machine interfaces and all system level requirements to provide an integrated IT solution.  

  • Perform health and wellness monitoring of the FO FISMA Systems.  

  • Perform administration, maintenance, and updates of forensic applications to ensure they remain functional.

  • Ensure that updates to applications and systems shall be carefully planned and scheduled so as to not affect any on-going or active investigations.  

  • Review the health and well-being of all security technologies including firewall, router, Virtual Private Network (VPN), Intrusion Detection System (IDS) sensors, Proxy, wireless, PKI, and switch changes within FO FISMA Systems. The results shall be captured and reported in the monthly FO Network Health and Wellness Reports deliverable.

  • Travel to locations where Enterprise Analysis System (EAS) devices are located for system administration and/or repair if needed.  

  • Ensure that all changes required follow the proper Request for Change (RFC) process, have been approved through the appropriate Change Control Board (CCB) and are properly tested before deployment to the production FO FISMA Systems.  

  • Recommend and implement technologies/changes that will enhance the operations and/or security of the FO FISMA Systems.  

  • Document all recommendations and changes and provide them to the COR.

  • Ensure that all TSA change control processes are followed, and all changes are approved prior to implementation.  

  • Coordinate with other TSA offices in order to have FO technologies implemented within the TSA Systems.  

  • Create and deliver Security and Vulnerability Status reports for all systems managed by the Contractor on a monthly basis.

  • Administer, review and provide recommendations for the following devices, both hardware and software (Windows, Macintosh and UNIX/Linux based), including laptops, desktops, PDAs, printers, mobile computing devices, mobile electronic media, Active Directory Servers, member servers, other workgroup servers outside of the main Active Directory realm, other technology devices such as forensic write blocking, and imaging for the FO FISMA Systems.  

  • Assist in the management of all Operating Systems, tools and applications utilized by IAD Security Engineers, as needed.  

  • Develop integrated system test requirements, strategies, devices and systems.

  • Conduct overall system level testing and security testing.  

  • Design and integrate information security suites, tools, capabilities into delivered solutions to ensure federal and commercial security best practices.  

  • Support TSA IAD Enterprise Projects as an IAD/FO representative on FO Integrated Projects.  

  • Work with the FO leadership team to ensure licensed software and hardware are renewed as needed with adequate leeway for the processing of payments (6 – 8 months).

  • Maintain 100% FISMA compliant networks for all FO operations at all times. Provide monthly reporting showing compliance.

  • Apply security patches, updates, etc. as directed. Some require application within 12 hours of notification.

  • All documentation is maintained and current. Updates are applied monthly (minimum).  

Required Qualifications: 

  • At least 3 years of experience.   

  • Bachelor's Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering. 

  • Currently cleared or can be cleared to the SECRET level preferably with a DHS-agency EOD. 

  • Experience administering hardware, software, operating systems, and application components of various isolated network environments. These components include Windows workstations/servers, Linux/Unix servers, Mac OSX, Dell, Access Data, and Guidance Software products. 

  • Strong background in network engineering and systems administration with the ability to maintain systems with 99% uptime requirements (including on-call and weekend support if required). 

  • Experience developing network architectures, diagrams, security plans, and supporting information assurance.

  • Troubleshoots problems and provides customer support for software operating systems, middleware and application issues. 

  • Minimum 5 years of experience with network systems engineering, systems development, and security engineering. 

  • Designs and stands up security tools, components, applications, and servers that meet production specifications and project schedules. 

  • Experience with the configuration, installation of Big Data Analytics solutions, Dynamic/Static Malware Analysis systems, enterprise honeynet technologies, and Network/host-based security applications and appliances. 

  • Participates in large system and subsystem planning and integration projects. 

  • Writes and updates technical documentation such as user manuals, system documentation, and training materials. 

Desired Qualifications: 

  • Experience in lifecycle engineering with commonly used security tools is required (e.g., Elastic, Splunk, Archer, Cisco, BlueCoat, Linux, HBSS, McAfee, Tanium, Nessus, ELK, Hadoop, Sqrrl).

Closing Statement: 

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits. 

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V. 

Citizenship Clearance Requirement 
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and SECRET CLEARANCE REQUIRED. 

