XOR Security is currently seeking a talented Security Engineer to support an Agency-level SOC. The SOC program provides comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise. Security Engineers will conduct Operations and Maintenance (O&M) of critical security infrastructure for a 24x7x365 SOC environment.
To support this vital mission, XOR staff are on the forefront of providing Advanced CND Operations, and Security Engineering support to include the development of advanced analytics and countermeasures to protect critical assets from hostile adversaries. To support the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in security engineering and systems administration. The ideal candidate will have a solid understanding of complexities related to Operations and Maintenance (O&M) of critical security infrastructure for a 24x7x365 environment. Additionally, the ideal candidate would be familiar with managing intrusion detection systems, Security Information Event Management (SIEM), endpoint threat detection and response, host-based intrusion prevention, antivirus, various firewall technologies, Storage Area Network (SAN), and virtual computing platforms.
- Experience with supporting a SOC program in some or all of the following tools: Splunk, Netwitness, RSA Archer, IIS, Exabeam, Veronis.
- Experience with Threat Feed Integration into Splunk.
- Experience troubleshooting operations issues and providing customer support for software operating systems, middleware and application issues.
- For Security Engineers, minimum 3+ years of experience of systems engineering and systems development, database administration, related to one or more enterprise security tools. If the candidate does not have a degree, 5+ years of experience is required for the Security Engineer position.
- Designs and stands up security tools, components, applications, and servers that meet production specifications and project schedules.
- Experience with the configuration, installation (including hardware deployment), or O&M of one or more of the following technologies (specific tools listed in parentheses): Network Threat Hunting (Sqrrl), Big Data Analytics (Splunk), Endpoint Threat Detection (Tanium), SIEM, workflow and ticketing (RSA Archer or Remedy), and Intrusion Detection/Prevention System (FireSight), Storage Area Network (SAN) platform (EMC), *NIX/Windows Operating Systems, and virtual computing (VMware).
- Ability to review and understand technical policies and standards and provide subject matter expertise and recommendations in its practical application and implementation in an enterprise network security environment.
- Experience with the practice and execution of change, problem and incident management concepts and methodologies; i.e. ITIL.
- Experience in enterprise system and subsystem planning, integration and security architecture design and deployment projects.
- Ability to write and updates technical documentation such as user manuals, system documentation, and training materials.
- Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, Computer Engineering, or Electrical Engineering.
- Experience developing network architectures, diagrams, security plans or accreditation documentation.
- One or more certifications related to Security Engineering: GCWN, GCUX, GISF, GSSP, GISCP, CISSP, CCSP, CSSLP, SSCP, CCNP, RHCSA.
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided