- Federal Civilian
XOR Security is currently seeking talented Mid- Level Network Security Engineer for an exciting position supporting one of our premier clients. Our project is aimed at establishing cutting-edge techniques for network defense, identifying threats and detecting malicious activity using advanced toolsets.
The ideal candidate will have hands-on experience with all phases of network engineering, Incident Response, Security Engineering, and Intrusion Detection on an operational network. In addition, the candidate should have an in-depth understanding of networks and be able to perform the installation, configuration, tuning, and administration of a Cisco-based data communications network and network security devices. The candidate will implement network security best practices; develop and maintain ‘acceptable use policies’ for IP network, firewall, and filtering policies. Additionally, the ideal candidate should have experience in administering a Microsoft environment. The associated duties will include the configuration, tuning, and scripting of Microsoft server platforms, including Active Directory.
This effort will require a skilled engineer with experience performing analysis of network security solutions, including identifying gaps, recommending and implementing configuration changes to the SIEM. The candidate will also ensure existing network infrastructure and configuration standards are adhered to when delivering projects.
The candidate should be able to coordinate engineering and analysis efforts between network, incident response and management teams. The candidate must have a strong understanding of networking, analysis and system administration. Additionally, the candidate should be comfortable interacting with all levels of a security team. The ideal candidate will have experience with the following tools: Stealthwatch, ESA/WSA, Cisco AMP, Splunk ES, Firesight, Symantec DLP and SEP.
Washington D.C., USA
Skills and Qualifications:
- An industry technical certification such as CCNA, MCSE, GCIH, or GISP
- Experience with: Active Directory, Cisco IOS, MS Server, ESA, WSA, Stealthwatch, AMP, Splunk, FortSIEM, and Firepower, CounterACT
- Experience with deployment and documentation of enterprise project management and change management processes
- Ability to identify solutions to potential network issues
- Collaborate on problem management and root cause analysis discussions with fellow network engineers, security engineers and analysts
- Draft technical requirements, configuration management, and planning documentation
- Support the Security Impact Analysis (SIA), an analysis that is conducted by the security team to review the extent to which changes to the information system will affect the security state of the system
- Participate in testing and planning of operational network segmentation
- Perform implementation of security and compliance-based use cases based on the NIST 800-53 Rev4 security controls
- Three (3) years of experience in network defense environments.
- Understanding of command line scripting and implementation. (e.g., Python, Powershell)
- Understanding of scripting and content creation. (e.g., Splunk dashboards, SNORT signatures, Python scripts, Powershell scripts.)
- Strong understanding of networking. (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)
- Ability to perform Netflow / packet capture (PCAP) analysis.
- Experience with cyber threat hunting.
- Bachelor’s Degree in Computer Science, Computer Engineering, Information Systems or equivalent experience.
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and PUBLIC TRUST CLEARANCE REQUIRED.