Listing Description
XOR Security is currently seeking talented Mid-level and Senior Security Engineers for a Federal Agency Security Operations Center (SOC). Our project is aimed at establishing cutting-edge techniques for network defense capability with an optimized toolset.
This effort will require a skilled engineer with leadership and hands-on technical experience designing, implementing, and maintaining enterprise SOC tools. The candidate will be expected to have familiarity performing analysis on the operational network and to be able to deliver recommendations on network segmentation and architectural improvements. The candidate will also ensure existing network infrastructure and configuration standards are adhered to when delivering projects. The candidate should be able to coordinate engineering and analysis efforts between network, incident response and management teams. The candidate must have a strong understanding of networking, analysis and system administration at an operating system and application level, as well as experience with cloud architecture.
Corporate duties such as solution/proposal development, corporate culture development, mentoring employees, and supporting recruiting efforts will also be required.
Position Roles and Responsibilities:
- Support a SOC engineering team for a 24x7x365 program (core hours with on-call as needed).
- Provide hands-on engineering support to install, configure, monitor, and troubleshoot network security solutions and related monitoring tools, including L2/L3 network devices, Network Admission Control (NAC), 802.1x, Firewalls, IDS/IPS, VPN Solutions, Web Application Firewalls, Content Filtering, and NetFlow Analysis.
- Deploy and maintain security infrastructure in both development and production environments.
- Provide technical consulting for enterprise security architecture.
- Evaluate new technologies and processes that enhance security capabilities.
- Test security solutions using industry standard analysis criteria and deliver findings reports with Analysis of Alternatives.
- Develop network architectures, diagrams, security plans, and supporting information assurance documentation.
- Troubleshoot problems and provide customer support (core hours and on-call) for software, operating systems, middleware and application issues.
- Design and stand up security tools, components, applications, and servers that meet production specifications and project schedules.
- Participate in and lead large system and subsystem planning and integration projects.
- Write and update technical documentation such as user manuals, system documentation, and training materials.
- Identify solutions to potential network issues, embracing network simplification and strengthened security.
- Lead problem management and root cause analysis discussions with fellow network engineers, security engineers and analysts.
- Support the Security Impact Analysis (SIA), an analysis conducted by the security team to review the extent to which changes to the information system will affect the security state of the system.
- Subset of tools in scope for O&M Support:
- FireEye
- Symantec SEP and Content Analyzer
- Tenable Security Center
- IBM Qradar
- Crowdstrike
Required Qualifications:
- For Mid-Level Engineer: Minimum 3 years of experience with network systems engineering, systems development, and security engineering.
- Bachelor’s Degree in Computer Science, Computer Engineering, Information Systems or equivalent experience.
- Strong working knowledge of Security Services, Networking, Security Policy and Consulting.
- Advanced working knowledge of encryption algorithms, secure communications, SIEM technologies, embedded systems security; advanced working knowledge of network and data communication protocols.
- Familiarity with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
- Experience with network-based IDS/IPS technologies and affiliated modes of operation.
- Experience responding to information security issues during each stage of a project’s lifecycle, including supervising changes in software, hardware, facilities, telecommunications and user needs; using interpersonal skills to interact with customers and team members; strong written and oral communication; strong diagnosis and troubleshooting skills; ability to solve complex technical problems; and ability to learn and support new systems and applications.
- Experience administering hardware, software, operating systems, and application components of various isolated network environments. These components include Windows workstations/servers, Linux/Unix servers, Mac OS X, Dell, and security applications.
- Strong background in network engineering and systems administration with the ability to maintain systems with 99% uptime requirements (including on-call and weekend support if required).
- Experience with the configuration and installation of log management solutions, Dynamic/Static Malware Analysis systems, enterprise honeynet technologies, and network/host-based security applications and appliances.
- Experience with deployment and documentation of enterprise project management and change management processes.
- Experience with the configuration, installation (including hardware deployment), or O&M of one or more of the following technologies: Network Threat Hunting, Log Management, Crowdstrike Endpoint Detection and Response (EDR), Qradar SIEM, workflow and ticketing, Intrusion Detection/Prevention Systems, Storage Area Network (SAN) platforms, *NIX/Windows Operating Systems, and virtual and cloud computing (VMware, Azure, AWS).
- Draft technical requirements, configuration management, and planning documentation.
Listing Details
- Salary: $90,000 - $114,000
- Citizenship: US Citizen
- Incentives: Not Provided
- Education: Bachelor's Degree
- Travel: No Travel
- Telework: No Telecommute