Senior Information Systems Security Engineer - Senior Associate

Guidehouse - Washington, DC

Interested in working with talented people to help develop innovative solutions to some of society’s most complex and challenging problems? We are Guidehouse, a leading consulting firm serving the public sector and commercial clients with specialized capabilities in strategy, technology, and risk management. You may not yet know our name, but we have a rich history. Guidehouse is a combination of PwC’s former public sector practice and Navigant’s deep expertise in energy, financial services and healthcare.

We offer an exciting, fast-paced environment that fosters intellectual growth and rewards individuals based on impact, not tenure. Our firm is at the forefront of an emerging model solving complex problems that stretch across government and private companies, affording our people the opportunity to be on the cutting edge of the consulting profession. By focusing on markets facing transformational change, technology-driven innovation, and significant regulatory pressure, our employees also develop and deploy world class knowledge and problem solving that leads to breakthrough solutions.

This person will be responsible to engineer, architect, implement, deploy, maintain, and administer commercial and open source products; Conduct research, evaluate, and make recommendations on emerging technology; Review and interpret Federal guidelines and policies and industry standard best practices; Provide support on all information security activities at the program level including policy development, compliance inspections, audits and reviews; Provide support and work on the development phases of information security systems development life-cycle; Oversee, evaluate, and support the documentation, validation, and accreditation processes; Document incident correlation requirements, select incident correlation engines and recommend configuration guidelines; Conduct assessments of threats and vulnerabilities and determine deviations from acceptable configurations. Assess the level of risk, and develop and/or recommend appropriate mitigation countermeasures; Perform analysis to determine the optimum configuration of network and host sensors. This analysis includes traffic load analysis, performance impacts of monitoring, determination of potential attack characteristics; Analyze and recommend resolution of information security problems based on knowledge of the major information security products and services; Conduct research and develop security policies relevant to client environment and analyze outside security information for relevance to the client; Install and upgrade computer hardware and operating systems (Windows and Unix) on an enterprise environment.

10 years of relevant experience with Masters Degree.

14 years relevant experience with Bachelors Degree.

Six (6) years experience in Information System Security, Cyber Security, Computer Forensics, Insider Threat, Penetration Testing, Malware Analysis or Certification and Accreditation.

Two (2) years experience architecting, engineering, integrating, developing and/or deploying information technology products in an enterprise environment.

Extensive experience and knowledge in network monitoring and intrusion detection using host based and network-based IDS and log management applications. Experience installing, testing, patching and upgrading computer hardware and operating systems (Windows and Unix). Experience using SourceFire, Arcsight, Splunk, NetWitness, Guidance Software, Digital Guardian, Raytheon (SureView), NMAP, Metasploit, Request Tracker, Nagios, Intelliview, Nessus and Foundstone. Intimate knowledge of FISMA, NIST and ASCLD requirements.

  • Bachelor's degree in Computer Science, Information Systems, Engineering, Business or related field. Master's preferred.
  • Desired: Microsoft MCSE/CISSP certification.
Clearance level: Top Secret

This position requires successful completion of a background check and employment verification.
The successful candidate must not be subject to employment restrictions from a former employer (such as a non-compete) that would prevent the candidate from performing the job responsibilities as described.