- Cyber Defense
- Washington, District of Columbia, United States
XOR Security is currently seeking a talented Senior Cyber Security Engineer to support an Agency-level Advanced Cyber Analytics team. This program provides targeted threat monitoring and response capabilities requiring analysts to have advanced levels of experience in security event monitoring, incident response, malware analysis and reverse engineering, cyber intelligence, insider threat, penetration testing, and fusion analysis. The position will focus on Security Engineering of advanced analytic tool suites.
To support this vital mission, XOR staff are at the forefront of providing Advanced Analytics and Systems Engineering support, including the development of advanced analytics and countermeasures to protect critical assets from hostile adversaries. To ensure the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in cyber security systems operations, analysis and incident response.
The Security Engineer will need to be a self-starter with excellent analytical and problem-solving skills, flexibility, good judgment and the ability to coordinate multiple, concurrent tasks in an effective manner. The Security Engineer works with internal team members to ensure the systems are functional, secure, and scalable. The systems and networks developed will be used to collect and process data and improve the DHS SOC security infrastructure.
The Security Engineer will engineer, design, and develop cyber security technology and integrate new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber systems and networks.
- Design, develop, and deploy solutions, and verify the solutions that have been implemented.
- Rapidly adjust designs based on new threat and attack information.
- Design enterprise and systems security throughout the development life cycle; translate technology and environmental conditions (e.g., law and regulation) into security designs and processes.
- Maintain up‐to‐the‐minute currency on attack techniques being used by adversaries against any of the components being engineered into new or updated systems.
- Avoid myths about design controls that are considered to be effective but, in fact, are not.
- Use knowledge about current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, and systems and applications.
Specific tasks and deliverables will apply to DHS efforts including the following:
- Pilot of a multi‐cloud security stack providing boundary defenses, visibility, telemetry, and active‐defense of various cloud‐based systems and services as well as potentially any internet connected or wide‐area networked computing systems, services, or resources
- Cloud modernization initiatives migrating on‐premise systems and/or functions and optimizing for cloud capabilities, designs, and secure best practices
- Implementation of cloud‐computing services and capabilities providing additional security enhancements, optimizations, or additions improving the effectiveness and efficiency of efforts to protect DHS mission, systems, and information.
- ACTIVE TOP SECRET CLEARANCE AND ABILITY TO ATTAIN A DHS EOD
- 10+ years of hands-on programming/scripting
- 10+ years of Perl, Python, Shell, etc. Python is a must-have skill.
- 10+ years of Linux networking
- 10+ years of System engineering and network and system
- Direct Customer Engagement
- Risk Management in Cloud Environment
- Security Architecture Development
- OpenStack Experience
- Ansible experience
- RHCSA/RHCE Certification
- Requirements Identification
- Experience working with developers and process improvement
- Experience identifying new tools and/or required upgrades based on ROI
- Recent security operations center (SOC) experience
- 3+ years experience with system engineering and network and system administration with strong skills in orchestration and automated deployments
- Breadth of technical experience and knowledge with designing, building, deploying, and maintaining infrastructure both on-prem and in cloud environments
- Experience configuring and deploying a variety of services on both Linux and Windows
- Experience with Linux networking
- Experience with orchestration and infrastructure automation tools
- Experience configuring and managing virtualized environments
- Hands-on programming/scripting experience and the ability and willingness to learn new languages as needed
- Demonstrated ability to adapt to new technologies and learn quickly
- Can work independently
- Mastery of, and ability to apply, advanced network, cloud, cybersecurity and system technologies
- Mastery of, and ability to apply, systems administration and system engineering/security theories, concepts, methods and best practices throughout the System Development Life Cycle (SDLC)
- Mastery in defining solutions using security architecture requirements and customer requirements
- Mastery in designing secure, scalable, highly available fault tolerant cloud systems
- Mastery in selecting the appropriate cloud service based on data, compute, database and cybersecurity requirements
- Mastery in protecting a network against malware
- Mastery in the identification and definition of cloud based security architecture requirements and patterns
- Knowledge of packet‐level analysis
- Knowledge of penetration testing principles, tools, and techniques (e.g., Metasploit, Neosploit, etc.)
- Knowledge of network access, identity and access management (e.g., public key infrastructure, PKI)
- At least 7 years of experience supporting mission-critical projects
- Performance metrics related to security operations
- Cyber Kill Chain and Intelligence Driven Defense hands-on knowledge
- Cyber transformation experience
- Cyber analyst experience - not required, engineering is key
- Detailed knowledge of key cyber and network technologies such as Netwitness, Splunk, ArcSight, FireEye
- 5+ years experience with system engineering and network and system administration with strong skills in orchestration and automated deployments
- Experience with the tools used to design, build, deploy, and maintain infrastructure in a variety of cloud environments
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and TOP SECRET CLEARANCE REQUIRED.