Cyber Engineer - Military veterans preferred

2019-04-11
Raytheon (www.raytheon.com)
Other

/yr

  full-time   employee


Bethesda
Maryland
United States

Cyber Engineer (10-15 Yrs Exp Required)
Support HHS-NIH ISPS (Information Security Program Support) to enable mission accomplishment by analyzing all relevant cyber security event data and other information sources for suspicious network traffic, attack indicators and potential security breaches; produce reports, assist in coordination during incidents. In support of the customer’s strategic direction, key individuals support the Cyber Security Operations Center (CSOC) employing innovative technologies and techniques.

The main objective of the NIH Information Security Program is to “safeguard the NIH personnel, patients, computers, networks and data that NIH relies on each day to fulfill its mission.” To achieve this objective, the NIH Information Security Program has established the following strategic goals:
Reduce High Risks: Reduce NIH high risk areas; prioritize/High Value Assets (HVAs)
Improve Protections: Improve protections for data, infrastructure, and staff

Complete Visibility:
Provide continuous/increased visibility into IT assets, operations, threats, and risks
Integrate NIH Privacy Coordinators into accreditation and authorization processes
These goals will be achieved via NIH-specific initiatives and government-wide projects to promote IT management best practices, including configuration and patch management, system administration, and change and operations management. These activities will also be accomplished via implementation of DHS Continuous Diagnostic & Mitigation (CDM) program guidance and technologies, the NIH information security modernization initiative, and other NIH and HHS information security projects intended to protect and serve the NIH mission, patients, and staff.

Job Description:
Looking for a qualified individual who can support the technical infrastructure aspects for the Situational Awareness Team with providing support and developing capabilities for the sensor databases and software.

The Cyber Engineer will provide technical oversight on all infrastructure aspects of the Computer Network Defense (CND) organization. The Cyber Engineer oversees all phases of Intrusion Detection System (IDS) infrastructure Security development/research support for all phases of IDS/Intrusion Prevention System (IPS), Security Information Management and Web Content Filtering development.

Responsibilities:
Coordinate, manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized cybersecurity applications
Identify potential conflicts with implementation of any computer network defense (CND) tools within the CND service provider area of responsibility (e.g., tool/signature testing and optimization)
Assist in identifying, prioritizing, and coordinating the protection of critical cybersecurity infrastructure and key resources
IDS/IPS Signature Analysis, Development and Testing
SIM content Analysis, Development and Testing
Web Content Filtering Analysis, Development and Testing
Intelligence Gathering
Testing of existing and new technologies in the ITA Lab
Tune IDS/IPS Systems
Review/analyze requested changes for equipment, technology and/or other factors/trends, which may impact existing solution consistent with solution modifications.
Initialize IDS design/deployment.
Daily IDS analysis/monitoring and generating technical and executive summary reports.
Incident response.
Development of standard operating procedures and other technical documentation for the IDS infrastructure.
Consult with hardware, communications, database experts and /or vendors to ensure system viability.
Perform advanced system design functions, including interpretive analyses, chart preparation and associated diagrams/enhancement plans.
Ensure applicable documentation is updated according to client standards.
Routinely provide guidance to and assists in the training of less experienced staff.

Required Skills:
Existing Level 6: Public Trust - High Risk Background Investigation
US Citizenship
Willing to work rotating shifts
10+ years’ experience related to Information Assurance/Cyber Technologies
10+ years’ experience in Intelligence collection, analysis, and reporting process/procedures
Experience leading and providing Security development/research support for all phases of IDS/IPS, Security Information Management and Web Content Filtering development.
Demonstrated advanced understanding and in-depth knowledge of regular expressions
Demonstrated advanced understanding and in-depth knowledge of scripting languages (perl, python, javascript, etc.)
Demonstrated experience in Security Information Management (SIM) and Intrusion Prevention System (IPS) tools
Experience establishing and maintaining good working relationships in all levels of the organization, including customers, organizations, internal management, and support
organizations
Strong leadership and communication skills, including negotiations experience
Working knowledge of network protocols and common services such as DNS, FTP, email, TCP/ICMP/UDP
Ability to assess information of network threats such as scans, computer viruses or complex attacks
Working knowledge of WAN/LAN concepts and technologies
Working knowledge of Linux/Unix, including scripting, and basic system administration.
Knowledge of signature development
Familiarity with packet analysis to include:
HTTP Headers & Status codes o SMTP Traffic & Status codes o FTP Traffic & Status Codes
DNS Queries
PKI Certificate Exchange
Knowledge of U.S. Government Information Assurance policies, procedures, standards, guidelines, and objectives.

Desired Skills:
Experience with Arcsight and Sourcefire/Snort is a plus
Experience with SQL Server, Microsoft Access, XML, and scripting
Security Operations Center (SOC)/Network Operations Center (NOC)

Desired Certifications:
Security+CE
Certified Information Systems Security Professional (CISSP)
GIAC Security Expert (GSE)
Certified Ethical Hacker (CEH)
GIAC Incident Handler (GCIH) or GIAC Intrusion Analyst (GCIA)
CISSP-Information Systems Security Engineering Professional (ISSEP)

Required Education (including Major):
Bachelor of Science Degree with major in Computer Science/Electrical Engineering, Engineering, Science or related field. Must have a minimum of 10+ years experience or equivale

137642

Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.