Description:-Coordinates resources during deployment/standup/assessment incident response efforts, driving incidents to timely and complete resolution.
-Employs advanced forensic tools and techniques for attack reconstruction, including dead system analysis and volatile data collection and analysis.
-Utilizes understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.
-May conduct malware analysis of attacker tools providing indicators for boundary defensive measures, and reverse engineer attacker encoding protocols.
-Interfaces with external entities including law enforcement organizations, intelligence community organizations and other government agencies such as the Department of Defense.
-Strong technical skills proficiency in the following areas: network communication using TCP/IP protocols, basic system administration, basic understanding of malware (malware communication, installation, malware types), intermediate knowledge of computer network defense operations (proxy, firewall, IDS/IPS, router/switch) and open source information collection. Candidate must have a thorough understanding of Domain Name Service records.
-Self-starter with the ability to proactively engage and develop relationships with intrusion set subject matter experts and analyst counterparts across the US Intelligence and Law Enforcement communities
-Thorough understanding of TCP/IP and common protocols such as SSH, HTTP/S, SMTP, RDP, DNS, S/FTP, DHCP, CIFS/NetBIOS, LDAP, and SNMP
-Must have a thorough understanding of the internet threat landscape and advanced persistent threats.
-Microsoft Windows, Linux (RHEL, SUSE).
-Basic Scripting and/or Development Languages, such as Python, Shell Scripting
-Risk Management Framework tools and procedures
-Developing and interpreting design requirements and implementation roadmaps, metrics and other controls to monitor and report on program progress and health
-Ability to work task assignments independently and effectively in a team environment
-BS degree in a technical field or equivalent experience/combined education
-Experience with running and manage security assessment events
-Experience with vulnerability analysis assessments.
-Experience in systems engineering, system security design and/or requirements analysis.
-Security-related certification (Security +, CISSP, CSSLP)
discipline, or equivalent experience/combined education, with 9 years of professional experience; or 7 years of professional experience with a related Master’s degree. Considered an emerging authority
-must be able to travel up to 75%
Basic Qualifications:
- Demonstrated broad background in information security tools, concepts and issues across a broad range of technologies including Network and Software Security, Network Penetration Testing, Web Application Penetration testing by related work experience
- Familiarity with a variety of penetration testing tools and methodologies
-Knowledge of security policy and compliance
- Experience with Network and Application Layer Firewall Technology
- Experience in system hardening, analysis, and vulnerability management.
- Demonstrate excellent verbal and written communication skills
- Must possess strong interpersonal relations and analytical skills
- Bachelor of Science degree in Computer Science, Software Engineering, or Computer Engineering
and at least ten (10) years of related experience.
- Demonstrate excellent verbal and written communication skills
- Demonstrated effective organizational and team building skills
- Demonstrated experience utilizing agile frameworks for project lifecycle
- Solid understanding of programming languages and operating system concepts.
- Advanced experience with hardware configuration, networking protocols and network/data communications
- Advanced experience with Windows, Linux, Mac, and RTOS.
- Advanced programming experience with C++, Python, Java, or other coding technologies
- Advanced experience with virtualization technologies like VMware, KVM, or Hyper-V.
- Advanced experience with Cross Domain Solutions
- Ability to obtain a Top Secret Clearance
Desired Skills:
• Experience with cloud platforms such as AWS, Microsoft Azure, OpenStack, Docker and others
• Solid understanding of cloud computing and security principles
• Experience with enterprise vulnerability scanning solutions and deployments
• Familiarity with cryptography and hashing
• Secure Software Design and Architecture
• Understanding of cyber threat intelligence analysis and current threat landscape
• Ability to conduct a variety of penetration testing activities
• Understanding of software/hardware reverse engineering and vulnerability discovery techniques
• Experience with various network defense technologies, such as Intrusion Detection Systems and Firewalls
• Cybersecurity/Security Assessment and Accreditation (Security A&A)
• Embedded Cyber, SW Secure Coding / Analysis, OSINT Analysis experience, System Engineering / Network Engineering / Network architecture and design experience.
• Current active DOD Top Secret clearance