Position Description

Design, prototype and support security-related infrastructure and applications. Identify and mitigate security risks to network and systems. Architect, develop and engineer enterprise security tools which may be COTS or open source. Possess the ability to learn new technologies to adapt to the threat landscape.

Engineering duties and responsibilities:

1. Architecture and design of new enterprise tools as well as upgrading existing infrastructure.

2. Work fluidly in a Linux or other shell command line environment.

3. Provide security application support, including the development of automated scripts.

4. Develop documentation as required (such as DFARS, Compliance, installation, Visio network and cabling diagrams, configuration guides, user tutorials, user and system requirements specification documentation, use cases, traceability matrices).

5. Research, prototype and implement new security related technologies.

6. Working hand-in-hand with 24/7 GSOC to support their needs.

7. As a lead engineer, provide mentoring and training to other team members.

8. Assist in the management of team functions and responsibilities.

Expectations:

Initiative, self-Starter, strong work ethic, has the ability to learn, strong troubleshooting skills, works well in a team environment or alone and lovesCybersecurity. Works only under general direction. Independently determines and develops approach to solutions. Work is reviewed upon completion for adequacy in meeting objectives.

Represents the organization in providing solutions to difficult technical issues associated with specific projects. Supports the team with strong and fair leadership and sets an example for the rest of the team to follow.

Keywords: Linux, UNIX, Security, Splunk, Gigamon, Cisco, FirePOWER, Imperva, WAF, Corelight, RSA, NetWitness, IDS, IPS, SIEM, Firewall, Network, Scripting, Perl, Python, Bash

Skills Required

Initiative Strong work ethic - Works well in a team environment

 Strong troubleshooting skills

 Loves CyberSecurity

Strong Linux command line experience required - Strong scripting skills in common languages like bash, perl, python, yaml

Network architecture and security principals - Networking protocols including, but not limited to SSL, TLS, DNS, TCP/IP, ARP, BGP, SMTP, SNMP, SSH, ICMP - Must have strong enterprise tools experience




Skills Preferred

Strong Linux Engineering Snort Opensource Zeek Opensource Netsniff-NG Opensource Syslog-NG Opensource Gigamon Packet Brokers Imperva WAF Cisco Firepower IPS NetWitness Corelight

Experience Required

18+ Years with HS14+ Years with AA12+ Years with BS10+ Years with MS7+ Years with PhD

Experience Preferred

20+ years security engineering or other closely related fields

Education Required

18+ Years with HS14+ Years with AA12+ Years with BS10+ Years with MS7+ Years with PhD




Education Preferred

Additional Information

Typical qualified candidate would have been a Security Engineer Linux/Unix Admin or similar in the past and have at least 1-2+ years of recent exp in cyber security enterprise monitoring threat detection etc.

Must have had Security Engineer Exp not only analyst or vulnerability/C&A mgmt roles Keywords: Linux UNIX Security Splunk Gigamon Cisco FirePOWER Imperva WAF Corelight RSA NetWitness IDS IPS SIEM Firewall Network Scripting Perl Python Bash

Education: Bachelors Degree