Washington D.C.

Senior Security Engineer

Job Specs

Code:
4785698002
Department:
Cyber Defense
Date:
20-07-29
Offices:
Washington, District of Columbia, United States

Job Description:

XOR Security is currently seeking talented Senior Security Engineer for an exciting position supporting one of our premier clients. Our project is aimed at establishing cutting-edge techniques for network defense, identifying threats and detecting malicious activity using advanced toolsets.

This effort will require a skilled engineer with experience performing analysis of network security solutions, including identifying gaps, recommending and implementing configuration changes to the SIEM.  The candidate will be expected to have familiarity performing analysis on the operational network and to be able to deliver recommendations on network segmentation and architectural improvements.  The candidate will also ensure existing network infrastructure and configuration standards are adhered to when delivering projects.

The candidate should be able to coordinate engineering and analysis efforts between network, incident response and management teams. The candidate must have a strong understanding of networking, analysis and system administration.  Additionally, the candidate should be comfortable interacting with all levels of a security team. 

Location:

Washington D.C., USA

Required Qualifications:

  • Public Trust
  • 4 + years of experience
  • Experience with: Active Directory, Cisco IOS, MS Server, ESA, WSA, Stealthwatch, AMP, Splunk, FortSIEM, and Firepower.
  • Experience with deployment and documentation of enterprise project management and change management processes.
  • Experience with the configuration, installation (including hardware deployment), or O&M of one or more of the following technologies (specific tools listed in parentheses):  Network Threat Hunting (Sqrrl), Big Data Analytics (Splunk), Endpoint Threat Detection (Tanium), SIEM, workflow and ticketing (RSA Archer or Remedy), and Intrusion Detection/Prevention System (FireSight), Storage Area Network (SAN) platform (EMC), *NIX/Windows Operating Systems, and virtual computing (VMware).
  • Ability to identify solutions to potential network issues/embrace network simplification and strengthened security
  • Lead problem management and root cause analysis discussions with fellow network engineers, security engineers and analysts
  • Draft technical requirements, configuration management, and planning documentation
  • Support the Security Impact Analysis (SIA), an analysis that is conducted by the security team to review the extent to which changes to the information system will affect the security state of the system

Desired Qualifications:

  • Understanding of command line scripting and implementation. (e.g., Python, Powershell)
  • Ability to write new content/searches/scripts. (e.g., Splunk dashboards, Splunk ES alerts, SNORT signatures, Python scripts, Powershell scripts.)
  • Familiarity with Splunk Enterprise Security.
  • Strong understanding of networking. (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)
  • Ability to perform Netflow / packet capture (PCAP) analysis.
  • Experience with cyber threat hunting.
  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Systems or equivalent experience.

Closing Statement:

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and PUBLIC TRUST CLEARANCE REQUIRED.