FULCRUM IT JOB DESCRIPTION
Position Title: Cyber Security Engineer (WINS) (JB)
FLSA Status: Full-time, Salary, Exempt
Clearance: TS/SCI w/CI Poly
Location: Fairfax, VA
Manager: Program Manager
Summary: This position will provide support to COTS Enterprise Forensic and eDiscovery systems and deliver ongoing support to a government agency.
Travel - 25%, with a willingness to travel 80-100%.
Duties & Responsibilities:
1. Meet with business users to gather requirements and make recommendations for meeting customer requirements within the SIEM.
2. Determine how best to leverage ArcSight ESM (and associated products) to meet the strategic goals by defining “use cases”.
3. Lead the development of the specific content necessary to meet the organization's security operations goals to include: the formation of content-specific queries, templates, reports, rules, alerts, dashboards, and workflow.
4. Perform installation, configuration, and technical administration of ArcSight product components, to include: ArcSight ESM and Logger.
5. Integrate data and event feeds with ArcSight SIEM.
6. Develop modules on ArcSight platforms that address the latest security scenarios, threats, and regulatory compliance issues
7. Research and develop content for ArcSight Solution Packages, including correlation rules, dashboards, reports, visualizations, etc.
8. Build and implement infrastructure security solutions
9. Develop a comprehensive SIEM architecture to support real-time security monitoring operations
10. Build and implement SIEM reporting to inform and assist clients' incident response teams and security managers
11. Troubleshoot and configure networking devices, various platforms, and database (Oracle) Windows and/or UNIX system administration
12. Experience working with remote access systems (SSLVPN appliances, network admission control/end point control services, token based authentication, integration with Active Directory and Windows)
13. Design, configure, and manage/administer network infrastructures
14. Review and assist in development of requirements and technical specs
15. Development of end use content in the form of technical specifications, systems solution architectures and white papers establishing solutions guidelines
16. Direct experience in customer engagements, business case analysis, go-to-market messaging and planning, and new product introduction
17. Develop security related code modules for use in new and existing applications
18. Proactively monitor and report on current Internet threats, as they relate to the company's deployed product base
19. Utilize compliance and vulnerability assessment tools to analyze products for configuration and patch vulnerabilities
20. Implement security event analysis and intrusion detection (Firewalls, VPNs, VLANs, IDS/IPS; Incident response - triage, incident analysis, remediation)
21. Demonstrated ability to quickly understand advanced concepts and new technology, consider available options, analyze trade-offs, and make appropriate product decisions
22. Self-motivated individual with minimal required oversight that can work to accomplish large complex goals in a collaborative environment coordinating multiple groups of disparate opinions.
23. Strong organizational, operational and process capabilities
24. Strong understanding and passion for Security monitoring, log analysis, data mining and security alerting
25. Considerable domain experience in cyber security issues, technologies, and the competitive landscape.
26. Other duties may be assigned, as necessary.
• Education / Experience:
HS Diploma and must possess 4+ years of hands-on experience in Network Security, Data Privacy, Risk management, Security Analysis, OR Incident Response
Experience with one or more of the following Security Information Management products: ArcSight, HP OpenView, Tivoli, CA, BMC, etc.
• Computers: Candidate must be familiar with Linux/Unix environments to include both workstation and server functions and must be proficient in Microsoft Windows platforms. Active Directory experience is desired.
• Certificates: Candidate must possess a CISSP/Security+ certification and/or have a pre-registered date for when the certification test will be attempted.
• Relevant certifications such as CCNP, CCNA, SANS, etc.
• Clearance: TS/SCI w/CI Poly
• US Passport: Not required
Knowledge, Skills & Abilities:
• Experienced in large scale network security design, deployment and support
• Hands on experience in installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management (UTM).
• Knowledge of security compliance policy, programs, processes, and metrics
• Knowledge of Cyber Security and Information Protection and Privacy
• Knowledge of Internal audit and corrective action plans for information protection and security
• Knowledge of network engineering concepts
• Experience with leading or mentoring a team of network security practitioners
• Experience with security engineering, including security testing and evaluation, certification and accreditation, or penetration testing
• Strong Networking background combined with Strong Security
Desired or Preferred Knowledge, Skills & Abilities:
• Experience with Linux system administration
• Experience with Windows Active Directory
• Experience with developing/participating in enterprise-wide cyber incident response programs
Fulcrum IT Services is an information technology (IT) company based in Manassas, Virginia, that provides IT solutions and services for federal, state, local, and commercial customers. Fulcrum IT specializes in the areas of Enterprise Services, Applications Development, Data Management, Cyber Security, and Intelligence Analysis.
Fulcrum IT is an Equal Opportunity / Affirmative Action Employer. M/F/D/V