- Springfield, Virginia, United States
XOR Security is currently seeking a talented Senior Network Engineer to support an Intelligence Community Customer in Springfield, VA. The Cyber Security Operations Cell (CSOC) support includes analysis, investigation, reporting and remediation of cyber incidents, incident escalation to CSOC/Focused Operations, planning and development of cyber countermeasures, initiation of incident notification procedures, and collaboration with external IC and DoD Cyber units as well as reporting Cyber Defense status to the CSOC, Customer leadership, and external IC and DoD Cyber units.
To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis, and incident response. Strong written and verbal communications skills are a must. The ideal candidate will have experience with Project Management, Network Engineering, JIRA, Data Analysis, Firewall Guards, Linux System Administration, and industry certifications such as CISSP, CASP.
- Analyzes, designs, develops, and/or maintains both hardware and software needed for network communications including local area networks (LANs), wide area networks (WANs), the Internet, intranets, and other data communication systems.
- Possesses experience with most common network components to include routers, switches, firewalls, protocols, VoIP, DNS, remote access, VPN, routing, and switching. Also has knowledge of TCP/IP routing technologies including OSPF, EIGRP, and BGP, in addition to knowledge of applicable business lines/industries.
- Communicates complex concepts and data effectively and creatively (both written and oral) across multiple organizations, both internal & external, and with executive company and customer management.
- Performs design, engineering, implementation, maintenance, and upgrade of the local area networks (LANs) and/or wide area networks (WANs), and/or security infrastructure.
- Maintains a thorough knowledge of existing network and/or security hardware and software in use to provide third-tier technical and administrative support and provide complex internal analysis and support of the network and/or security infrastructure.
- Develops network support processes, procedures and guidelines for troubleshooting network events and performing sustaining tasks.
- Acts as the technical interface with vendors and other external stakeholders and reviews/makes recommendations on the network and/or security service/maintenance arrangements.
- Designs and maintains network environments to comply with relevant compliance standards and evaluates, consults and makes technology recommendations to senior management. Reviews technical documentation of supported environments to ensure that documentation is accurate and up-to-date.
Skills and Qualifications:
- Ten or more (10+) years of experience in network defense environments
- Master’s Degree in Computer Science, Computer Engineering, Information Systems or equivalent experience
- Position requires a current CND-A certification with the appropriate computing environment certification(s) for the tools and devices they support IAW DoD 8570.01-M
- Strong analytical and technical skills in computer network defense operations, and the ability to lead efforts in Security Engineering
- Ability to work greater than 40 hours per week as needed (occasional night and weekend work required)
- Ability to work on-call for escalated cyber security incidents.
- Experience with deployment and documentation of enterprise project management and change management processes
- Ability to identify solutions to potential network issues and to embrace network simplification and strengthened security
- Ability to conduct event triage and analysis and incident investigation
- Ability to develop rules, filters, views, signatures, countermeasures and operationally relevant applications and scripts to support analysis and detection efforts
- Strong logical/critical thinking abilities, especially analyzing network traffic and IDS events for malicious intent
- Strong proficiency in report writing; a technical writing sample and technical editing test will be required if the candidate has no prior published intelligence analysis reporting
- Understanding of command line scripting and implementation (e.g., Python, PowerShell)
- Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, SNORT signatures, Python scripts, PowerShell scripts)
- Experience with tools such as Active Directory, Cisco IOS, MS Server, ESA, WSA, Stealthwatch, AMP, Splunk, Splunk ES, SNORT, Yara, IronPort, and Firepower.
- Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)
- Ability to perform NetFlow / packet capture (PCAP) analysis
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and TOP SECRET WITH SCI CLEARANCE REQUIRED.