Washington, DC – Full Time
SECURITY CLEARANCE REQUIREMENT: TS, WITH SCI ELIGIBILITY
REMOTE OPPORTUNITY: This position requires onsite work. However, due to COVID-19, remote work on a rotational schedule is temporarily available.
***POSITION REQUIRES US CITIZENSHIP***
We are seeking a Blue Team Security Engineer with experience utilizing offensive security tools, advanced knowledge of information security best practices, the ability to assist in the mitigation of both insider and external threats to operational systems/ networks in support of a U.S. Intelligence Community Partner. The Blue Team is comprised of cybersecurity professionals that perform intelligence/ threat-based security assessments of critical systems, major applications, and networks to identify security risks. Team members also system owners of the potential impacts of those risks to their mission and may assist in the remediation of identified threats. The Blue Team performs comprehensive assessments that produces actionable security recommendations that are tailored to the assessed environment.
The following services are provided by the Blue Team:
- Identification and Validation of Security Flaws
- Network Mapping / Network Analysis
- Vulnerability Analysis
- Penetration Testing
- Threat Hunting
- Incident Response
- Forensic Analysis
- Current U.S. Government Top Secret Clearance w/ SCI and a CI-Polygraph eligibility
- Bachelor’s degree with 5+ years of experience, or Master’s degree and 3+ years of experience
- Specialized experience in Blue Teaming or experience working within a Security Operations Center performing a variety of the services listed above in the job responsibilities.
- Incident Response experience required
- Possess a broad knowledge of security methodologies, solutions and best practices
- Experience with multiple open source and commercial testing tools; a non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap
- Possess advanced understanding of the strengths and weaknesses of security tools with the ability to select the right tool for the job; ability to configure and troubleshoot tools if necessary
- Familiarity using, configuring, troubleshooting, and administrate both Unix/Linux and Microsoft operating systems; extensive systems engineering experience with at least one of these OSs
- Understand Department of Defense and Intelligence Community security policies as well as security guidelines published by the National Institute of Standards (e.g., 800-53 and 800-53a)
- Have the ability to think critically and creatively; capable of synthesizing and analyzing large amounts of data related to complex systems; ability to articulate thoughts and findings in a concise and comprehensive manner
- Candidate must have an expert understanding of at least one of the six following technologies and their security vulnerabilities:
- Web applications and technologies: Advanced understanding of application programming languages, application servers, Web services, and Web browsers. Candidate should also understand the vulnerabilities related to these technologies, as well as security best practices when using them. Candidate should also be able to use automated assessment tools and manual testing techniques to assess these applications. Familiarity with OWASP testing methodology is also required.
- Networking technologies: Advanced proficiency with various networking skills and technologies, including (but not limited to) Cisco hardware and IOS, firewalls, IDS and IPSs, packet analysis, and high level network architecture fundamentals.
- Enterprise solutions, storage and databases: Advanced understanding of relational databases, database management systems, enterprise storage solutions, and security concerns specific to these technologies.
- Cross Domain Solutions and trusted operating systems: Advanced experience with a range of Cross Domain Solutions, or CDSs, and advanced understanding of the unique security requirements of CDSs and trusted OSs such as trusted Solaris v8, Solaris v10 with trusted extensions and Security Enhanced Linux.
- Virtualization technologies: Advanced experience with VMware products, Microsoft virtualization technologies and/or similar technologies.
- Advanced hardware, OSs, networking, and security best practices
- Candidate must be able to apply and understand a wide range of technical principles, theories and concepts.
- The candidate must be comfortable researching and understanding a wide variety of information systems and emerging technologies.
- Support RedTrace strategic business objectives, which may include but not limited to participation in technical interviews, creation of technical documentation, general proposal writing support and proposal color reviews.
- Shall possess one or more of the following certifications:
- (ISC)2 Certified Information Security Professional (CISSP)
- SACA Certified Information Systems Auditor (CISA)
- SANs GIAC certification ( e.g., GPEN or GWAPT)
- Offensive-Security Certified Professional (OSCP)
- EC-Council Certified Ethical Hacker (CEH)
- Self-starter requiring limited direction and supervision
- Experience briefing senior customer personnel
- Ability to organize and prioritize numerous customer requests in a fast-paced, deadline-driven environment
- Familiarity with Amazon Web Services (AWS) and/or MS Azure
- Familiarity with federal customer IA processes
- Experience with IA vulnerability testing and related network/system test tools (i.e. Retina, HBSS, EVSS, ACAS)
- Experience with Governance, Risk, & Compliance (GRC) tools (i.e. XACTA, RiskVision, CSAM, RSA Archer)
- Familiarity with Cross Domain Solutions (CDS)
- Experience supporting IC or DoD customers
- Competitive salary for well qualified applicants
- 401(k) plan
- Annual performance bonus
- Certification and advanced degree attainment bonuses
- Student Loan / Tuition reimbursement
- Health Care Insurance (medical, dental, vision)
- Up to four weeks of paid vacation
- 10 Federal Holidays, and 3 Floating Holidays
- Unlimited sick leave
- Team bonding events
To apply for this job email your details to firstname.lastname@example.org