Job Description:
Job Title: Network Engineer III (Senior Security Engineer)
Pay Rate: TBD
Job Location: One Columbus Circle, NE , Washington , DC 20002
Duration: 12/31/2008 or Longer Date Req Opened: 02/05/08
Job Description:
This is a high-level Senior Security Engineer position which requires in-depth hacker incident detection, investigation and prevention across a large government customer network
Specific responsibilities of the Government Security Team include:
- Supporting the 7x24 Security Operations Center (SOC) with security incident handling. (SOC is in a different location.) A real-time log of observed security events is published and available in real-time throughout the federal government organization.
- Correlation and analysis of security inputs from multiple sources including but not limited to IDS/IPS consoles, firewall logs, real time packet traces, host logs, for profit intelligence services.
- Vulnerability management. Using multiple tools such as the ISS Enterprise Scanner, MetaSploit, Core-Impact, WebInspect and custom developed tools, perform an iterative technique of testing, notifying, escalating and retesting to manage a vulnerability detection and remediation program for the customer. The vulnerability management program includes custom remediation advice for System Administrators.
- Linux and Windows web service and server support, to include building servers and recommending to customers methods to secure web servers.
- Management hotspots detailing serious security incidents detected at the National Gateways.
- Change management of key security configuration items such as documentation, firewall policy and IDS/IPS signature sets.
- Patch management with audit trail support for infrastructure servers installed at that National Gateways.
- Publish weekly significant actions and monthly summaries of detected activity and responses.
- Implementation of an extensible secure knowledge base that details specific threats, security controls and procedures.
Required & Desired Skill Sets:
- This position is located in Washington , DC near Union Station (accessible by train, light rail & metro). Individual will work on-site with the customer on projects.
- US citizenship is required.
- There is NO Government security clearance requirement (candidate is subject to Sprint's background employment check)
- The work hours are: arrive between 7am and 9am and work 5 days a week OR work an AWS (Alternate Work Schedule)¿9 hours/day and have every other Friday or Monday off.
- The Senior Security Engineer candidate must have a minimum of four years in the network security field, within the focused security arena of intrusion detection.
- The Engineer must have hands-on working skills in the use and administration of security tools to include the 1) Internet Security Systems (ISS) RealSecure product line and/or the Cisco Intrusion Prevention System (IPS) product line, 2) the use of MetaSploit and 3) WebInspect.
- Experience in working with, supporting and troubleshooting Linux and Windows web servers and securing web services is desired.
- Five years of HANDS-ON WORK Experience in network security.
- Other Requirements. Scripting programming experience
- Education Requirements: No 4-year College Degree required
- Preferred: CISSP, GIAC or other security certifications.