- Cyber Defense
XOR Security is currently seeking talented Senior Imperva Engineer for an exciting position supporting one of our federal clients. Our project is aimed at establishing cutting-edge techniques for network defense, identifying threats and detecting malicious activity using advanced toolsets.
The ideal candidate will have hands-on experience with Data Security technology (Imperva SecureSphere and Guardium). In addition, the candidate should have an in-depth understanding of networks and be able to perform the installation, configuration, tuning, and administration of Web Application Firewalls and data security systems.
This effort will require a skilled engineer with experience performing analysis of network security solutions, including identifying gaps, recommending and implementing configuration changes to the WAF policies. The candidate will also ensure existing network infrastructure and configuration standards are adhered to when delivering projects. The candidate should be able to coordinate engineering and analysis efforts between network, incident response and management teams. The candidate must have a strong understanding of networking, analysis and system administration. Additionally, the candidate should be comfortable interacting with all levels of a security team.
Washington D.C., USA
Skills and Qualifications:
- 4+ years of experience with database security including secure database configuration, database monitoring, and database vulnerability assessments with a focus on Imperva SecureSphere
- 3+ years of experience with information security and Cybersecurity engineering or security operations
- 2+ years of experience with the design and implementation of enterprise-wide security controls to secure systems, applications, networks, or infrastructure services
- Experience with security tools and devices, including network firewalls, Web proxy, intrusion prevention systems, vulnerability scanners, or penetration tools
- Knowledge of federal compliance standards, including NIST 800-53, FIPS, or FedRAMP
- Knowledge of TCP/IP networking concepts and DNS, including using packet analysis tools, such as Wireshark or tcpdump
- Ability to obtain a security clearance
- BA or BS degree
- Active SANS GIAC Security Certification
- 2+ years of experience in one of the following areas:
- Building and administering security devices, including network firewall, Web proxy, data loss prevention systems, and intrusion prevention systems
- Building and administering Windows Server and Active Directory, building and administering Linux- and UNIX-based systems
- Building and administering Network devices, including Cisco or Juniper
- Conducting dynamic Web application security testing, including manual testing and using application security tools to discover exploitable vulnerabilities
- Conducting database security assessment and monitoring
- Managing Cloud security operations, including identity and access control
- Secure configuration management
- Network security,
- Enforcement policy scripting
- Workload security, or data security
- Logging and Public Key Infrastructure (PKI) management and data encryption for data-at-rest and data-in transit
- Experience with securing enterprise Web applications and OWASP Top 10
- Experience with public Cloud services providers, including Amazon AWS or Microsoft Azure
- BA or BS degree in Information Security, Computer Engineering, Information Systems, Telecommunications, or Technology
XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and PUBLIC TRUST CLEARANCE REQUIRED.