Our company is an IT Consulting, Web/E-commerce Development, and Custom Software Development firm based in McLean, VA. Our commercial domestic and international clients are looking for candidates with the following skill sets. Candidates with CPG (Consumer Packaged Goods) or Aviation industry experience are a plus.

Work Authorization Status: H1B Visa, EAD, Green Card, US Citizen

JOB RESPONSIBILITIES
- Identify and implement new security technologies and best practices (Cloud offerings preferable)
- Identify processes/procedures for how to handle a cloud security event, including forensic isolation and mitigation with Digital Forensics and Incident Response (DFIR/IR) teams (preferred)
- Identify new security threats by conducting continual monitoring, penetration testing, vulnerability assessments and log analysis
- Create technical and managerial level reports and risk assessments for Cloud based applications and infrastructure
- Identify gaps in security architecture
- Interface and collaborate with multiple groups and/or managerial staff to eloquently describe and implement security solutions
- Create technical and managerial documentation, topologies and metrics to support security tasks
- Assist with day-to-day Security Operations (Vulnerability Assessment, Patch Management, Penetration Testing, Firewall Management, and Incident Response)
- Ability to articulate engagement testing and results at both the technical and executive levels
- Assist with Audit and Assessment of security plans and support documentation
- Support the Corporate Security team with internal security initiatives
- Stay up to date on the latest information security technologies
- Contribute to security policies, standards, and guidelines related to Information Security and ensure they are followed throughout the company
- Support security awareness activities
- Support security assessments of third party vendors and products
- Support security assessments of roles and accesses across systems, environments and applications
- Respond to and handle internal security requests and escalate when appropriate
- Conduct after-action reviews to identify lessons learned and best practices
- Perform code reviews and remediation on identified issues
- Perform application penetration and security functional testing
- Develop automation and processes to identify security flaws in code
- Experience with Tipping Point, FIN, NextSpose is preferred
- Assist development team implementing secure SDLC practices
- Threat model web applications and work with development team throughout the Agile SDLC
- Perform web application vulnerability assessments and penetration tests
- Provide security and compliance requirements for software development projects

SKILLS REQUIRED
- Experience providing engineering and operations of Cisco routers and switches, Avaya PBX, WAN acceleration technologies, load balancers is preferred
- Management of routers and switches, load balance configuration, solid understanding of routing protocols and network management
- 2 years of IT experience, 2 years Network Engineering or Network Security Engineering experience
- Experience in some of the following: Cisco networking, VPN, F5 load balancers, WAN acceleration, servers/storage, file, print, DNS, DHCP, Cisco VoIP, VTC, video streaming, power management, Cisco Prime/CiscoWorks, HP OpenView, SolarWinds Orion, Cisco Unified Call Manager, Avaya System Management, back-office applications, scripting
- Experience with performing root cause analysis, risk identification, and risk mitigation
- Experience planning and implementing secure networking practices such as application segmentation, network segmentation, NAC and other access control testing/validation, updating access control SOPs
- Plan, identify, design, create Request for Implementation (RFI), implement, and test access rules for system connectivity
- Plan, identify, design, create RFI, implement, and test user access control rules
- The successful candidate will be experienced with static routing, EIGRP, and OSPF routing and must be experienced with TCP/IP and IP subnetting
- Knowledge of modification of firewall rules on ASA, Palo Alto, and Fortigate firewalls is preferred
- Firewall Engineering: installation of new firewalls, high availability configuration, and monitoring
- Develop standard operating procedure and network topology documentation
- Experience in a professional Network Security engineering capacity
- Experience in a Professional Services client-facing role
- Experience with implementation of IT service management best practices such as change, problem, incident, configuration and service level management
- Experience in the development and refinement of processes and procedures to ensure efficient, repeatable and effective monitoring and troubleshooting of network and systems
- Experience with vulnerability scanners and vulnerability management tools
- Experience coordinating and executing security and risk assessments
- Experience in security awareness initiatives
- Experience in an Application Security related field (code reviews, application penetration testing, security engineering)
- Experience with web proxies, traffic manipulation, authentication bypass, and bizarre edge cases a plus
- Background in host and application security
- Experience with applied cryptography including PKI, SSL, key management and SSH identities
- Experience with financial or sensitive applications and web services-based applications, especially at massive scale
- Experience leading customer projects, providing consultative advice to clients, and leading client training sessions
- Experience with some or all of the following: TCP/IP OSI Model, system logs (WMI, syslog, etc.), antivirus, IDS/IPS, packet analysis, configuration standards, Group Policy, vulnerability analysis, Event Correlation, Forensics, IDS/IPS rule sets and signature creation, web application security, pen-testing, reverse engineering, Honeypots, IOC, advanced threat detection, code analysis. Data Loss Prevention (DLP), Log Indexing and Correlation platform, Network Access Control (NAC), physical access control systems
- Experience using Microsoft Office and Visio to create documents, presentations, and detailed drawings

QUALIFICATIONS
- Bachelor's Degree or higher in Computer Science, Information Technology or related field or equivalent experience
- 2 years experience in Computer Security, with focus on Cloud Security
- Knowledge of Cloud infrastructure, security architectures, and standards
- Technical knowledge of Amazon Web Services is preferred
- Able to demonstrate clear understanding of current threats to Cloud infrastructure and/or IT infrastructures at technical and managerial levels
- Able to automate/script daily tasks through Python, Bash, Perl or equivalent
- Security Certifications (preferred): CISSP, CISA, OSCP, OSCE, OSWE, SANS GIAC, etc.
- Network Certifications (preferred): ITIL Foundation Certification, CCNP, CCIE, CCDP, CCDA, CCNA, etc.
- Application Certifications (preferred): GWEB, GPEN, GWAPT
- Understanding of system internals for Windows, UNIX, Android or iOS
- Ability to drive efficient resolution of all incidents through analytical and structured approaches to problem solving
- 2 years of combined IT and security work experience including phishing/penetration testing, systems, vulnerability testing, Firewall Management, Digital Forensics Incident Response, Patch Management, and other Security Operations tasks
- 1-2 years IT Security specific role
- Ability to understand security vulnerabilities and remediation techniques
- Knowledge of web application and network exploitation
- Team-oriented interpersonal skills, with the ability to interface effectively with a broad range of people and roles (IT and business personnel)
- Comprehensive understanding of network architecture with a focus on Layer 3 networking is preferred
- Strong background and hands-on experience with firewalls (Cisco, Juniper, Check Point) is preferred
- Ability to create network models based on a client's existing network
- Intermediate-Advanced Linux experience (administration, configuration, etc.) is preferred
- Penetration Testing experience or experience with MySQL queries is preferred
- Familiar with information security policies and standards development and enforcement, strategies, and third party risk management
- High level understanding of backend and IT software components to support security initiatives
- Working knowledge of network protocols, and web related protocols (TCP/IP, REST HTTP, HTTPS, IPsec) is preferred
- Understanding of techniques for distributed authentication and identity management
- Experience performing application penetration testing is preferred
- Experience in C/C++, Python, PHP, MySQL
- Skilled at use of reverse-engineering tools like IDA Pro or equivalent alternatives is preferred
- Knowledge of internet security issues and threat landscape
- Familiar with tools such as SIEM, WAF, IDS, vulnerability scanners, etc.
- Familiar with manual interception proxies such as Burp, Fiddler, or ZAP
- Familiarity with OWASP guidelines
- Software development experience
- Knowledge of Agile and Secure SDLC
- Scripting or code experience (Python, Shell, Java, JSON, Scrum, Jira, etc.)
- Familiarity with network and web application protocols (HTTP, HTTPS, TCP/IP, UDP, IPsec, SAML 2.0, OAuth 2.0, REST APIs, etc.)
- Knowledge or experience implementing SDLC frameworks like OpenSAMM and BSIMM a plus
- Database knowledge
- Knowledge of networking fundamentals
- Comfortable working on Linux-based, MS Windows-based and OSX-based system platforms with a strong IT technical understanding and aptitude for analytical problem solving
- Strong understanding of enterprise, network, system and application level security issues
- Understanding of enterprise computing environments, distributed applications.....