Information Security Engineer - Incident Response

NET ESolutions Corporation - Rockville, MD

Full-time
Estimated: $96,000 - $140,000 a year
NET ESOLUTIONS CORPORATION (NETE) is a multi-award winning company founded in 1999. NETE is a full-service Information Technology (IT) company dedicated to providing value focused services to the Federal Government and the Biomedical Research and Health IT Sector. NETE offers a collaborative working environment where growth is encouraged and nurtured. In addition, we offer competitive salaries that may include performance bonuses and a comprehensive benefits package.

Job Description

NETE is seeking a highly motivated, flexible, organized, and detail-oriented Information Security Engineer - Incident Response to join our dynamic team at Rockville, MD. If you want to learn, grow, and help, then this is the job for you. We support a project/customer that "seeks to better understand, treat, and ultimately prevent infectious, immunologic, and allergic disease seeks fundamental knowledge about the nature and behavior of living systems and the application of that knowledge to enhance health, lengthen life, and reduce illness and disability." What you do matters and has a significant impact on the medical and scientific communities we serve. Your work here really matters and has a real impact.

Responsibilities
This role will be primarily responsible for conducting incident handling tasks during different phases of Computer Security Incident Response (CSIR) - monitoring, research, analysis of security alerts and events.

Coordinate and provide expert technical support to enterprise-wide technicians to resolve cyber defense incidents; Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
Perform analysis of log files from a variety of sources to identify possible threats to network security.
Validate security incidents & perform defense triage to include determining scope, urgency, and potential impact; identifying the specific vulnerability, and making recommendations for remediation.
Perform real-time incident handling tasks (e.g., forensic collections, intrusion correlation and tracking, threat analysis, and direct system remediation).
Analyze network alerts from various sources and determine possible causes of such alerts.
Track and document cyber defense incidents from initial detection through final resolution.
Employ approved defense-in-depth principles and practices (e.g., defense-in-multiple places, layered defenses, security robustness).
Serve as technical expert and liaison to law enforcement personnel and explain incident details as required; Coordinate with intelligence Engineers to correlate threat assessment data.
Perform cyber defense trend analysis and reporting; Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain the currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise; Write and publish after-action reviews.
Gather and analyze information for defining requirements, specifications and issues to support the development of new policies, standards, and procedures or update existing ones.
Work with a team of diverse individuals and cross-functional teams to solve unique and complex problems with broad impact on the business.
Provide clear updates to management on security incidents; Investigate, document, and report on forensic investigations.
Job Requirements
Minimum 4 years' experience in Information Security is required along with a minimum of 2 years of hands-on experience in at least 3 of the following:
Identifying incidents and performing cyber defense triage
Incident handling in all phases of incident response
Serving as a technical expert and liaison to explain incident details
Documenting AARs and other incident related reports
Log correlation from various sources
Must have excellent attention to detail and analytical skills
Must know

Risk management processes (e.g., methods for assessing, mitigating and accepting risks).
Cybersecurity principles, security models, organizational requirements (w.r.t. confidentiality, integrity, availability, authentication, non-repudiation), cyber threats, risks and vulnerabilities, cryptography and cryptographic key management concepts, host/network access control mechanisms (e.g., ACLs), network access, identity, & access management (e.g., PKIs), Computer networking concepts and protocols, and network security methodologies.
Ethical hacking principles, general attack stages; Specific operational impacts of cybersecurity lapses; programming language structures and logic.
Basic system administration, network, preventive and hardening techniques.
Must be

Able to communicate, verbally and in writing, complex technical issues with simplicity & clarity.
Able to exercise discretion and maintain confidentiality.
Proficient in reporting and answering analytical questions.
Education/Certifications

B.A. or B.S. degree in Computer Science/Security or related discipline (Masters preferred).
Industry standards such as GCIH or related GIAC (preferred but not required).
Selected applicant may be subject to Public Trust clearance and may need to meet eligibility requirements for access to sensitive information.
Benefits
Paid Time Off (PTO)
9 Paid Federal holidays
Various wellness programs
Free parking at corporate offices
Employee Referral Bonus Program (ERBP)
Vision coverage through UHC national network
Dental coverage through UHC national network
401(K) with significant company match & no vesting period
Short and Long-Term Disability coverage (paid by company)
Competitive salaries with opportunity for performance bonuses
Discount plan for pet care, legal services, & identity theft protection
Basic Life and AD&D coverage (paid by company; option to purchase additional coverage)
Medical coverage through UHC national network (option to choose between 3 available plans)

Flexible Spending Accounts:
Healthcare (FSA)
Parking Reimbursement Account (PRK)
Dependent Care Assistant Program (DCAP)
Transportation Reimbursement Account (TRN)
NETE is a multi-award winning company and offers a collaborative working environment where growth is encouraged and nurtured. In addition, we offer competitive salaries that may include performance bonuses and a comprehensive benefits package.

NETE uses E-Verify to validate all new hires' ability to legally work in the United States.

Disclaimer: The above description is intended to describe the general nature of work and level of effort being performed by individuals assigned to this position or job description. This is not to be construed as a complete or exhaustive list of all skills, responsibilities, duties, and/or assignments required. Individuals may be required to perform duties outside of their position, job description, or responsibilities as needed.