Work under limited supervision and participate in the design, engineering, integration, implementation, testing, deployment, maintenance, review, and administration of the infrastructure, hardware, and software that are required to effectively manage the security and risk posture of the network and resources. Assist with developing system concepts and apply the systems engineering life cycle to translate strategic Cyber objectives, technology, and environmental conditions into engineering outcomes and solutions. Assist with selecting and applying processes and methodologies to meet Cyber performance objectives. Assist with analyzing trends and emerging technologies for potential program modernization. Configure cyber systems to meet user requirements. Support the acquisition of hardware and software, as needed.
- 4+ years of experience in database security, including secure database configuration, database monitoring, and database vulnerability assessments with a focus on Imperva SecureSphere
- 3+ years of experience with information security and Cybersecurity engineering or security operations
- 2+ years of experience with the design and implementation of enterprise-wide security controls to secure systems, applications, networks, or infrastructure services
- Experience with security tools and devices, including network firewalls, Weby proxy, intrusion prevention systems, vulnerability scanners, or penetration tools
- Knowledge of federal compliance standards, including NIST 800-53, FIPS, or FedRAMP
- Knowledge of TCP/IP networking concepts and DNS, including using packet analysis tools, such as Wireshark or tcpdump
- Ability to obtain a security clearance
- BA or BS degree
- Active SANS GIAC Security Certification
- 2+ years of experience in one of the following areas: building and administering security devices, including network firewall, Web proxy, data loss prevention systems, and intrusion prevention systems, building and administering Windows Server and Active Directory, building and administering Linux- and UNIX-based systems, building and administering Network devices, including Cisco or Juniper, conducting dynamic Web application security testing, including manual testing and using application security tools to discover exploitable vulnerabilities, conducting database security assessment and monitoring, managing Cloud security operations, including identity and access control, secure configuration management, network security, enforcement policy scripting, workload security, or data security, and logging and Public Key Infrastructure (PKI) management and data encryption for data-at-rest and data-in transit
- Experience with securing enterprise Web applications and OWASP Top 10
- Experience with public Cloud services providers, including Amazon AWS or Microsoft Azure
- BA or BS degree in Information Security, Computer Engineering, Information Systems, Telecommunications, or Technology
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.
We’re an EOE that empowers our people—no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic—to fearlessly drive change.