Information Security Engineer, Senior:
About GuROO:
At GuROO, our mission is to deliver Enterprise Network Engineering, Enterprise IT, Program Management, and Project Management support to large commercial corporations, government agencies, and government-contracted agencies within the Washington, DC metropolitan area and beyond. We have an innovative approach to helping our customers discover, evaluate, implement, and manage advanced technology projects to meet our clients' needs.
You are expected to have a strong work ethic and possess the ability to work as a critical member of a team in pursuit of mission objectives and in the support of our customers. We value candidates who are detail-oriented while also being able to think and react quickly to emerging and unique problem sets. To be successful in this role you'll be able to rapidly adapt and learn how to operate the front and back end of new products and processes.
Responsibilities & Duties include, but are not limited to:
- Provide overall engineering and administration in support of a very large distributed Trellix environment
- Experience creating custom dashboards, writing queries, building and generating reports, and setting up alerts and notifications
- Demonstrated proficiency with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends, and building dashboards, searches, reports, etc. highlighting the key trends of the data
- Coordinate with the SOC to build threat detection logic and dynamic operational dashboards
- Implement and manage Trellix apps, queries, dashboards, alerts, and reports to provide actionable insights to various teams
- Perform log auditing and log management. Work closely with the operations team to monitor systems and environments for security incidents and general security operations. Ensure SC is being updated regularly; address unsuccessful updates of the SC and identify the root cause of the unsuccessful update
- Administering Red Hat Linux-based systems with minimal support, to include patching, creating RPM packages, performance tuning, networking, user management (LDAP), and security
- Installing, administering, and troubleshooting recent versions of Red Hat 8.x and 9.x
- Managing and maintaining Red Hat Satellite/Ansible
- Ability to work within VMware, vCenter, and Nutanix building Red Hat systems
- Create and implement methods and procedures for inspecting, testing, and evaluating the security and effectiveness of products and production equipment
- Effectively choose the appropriate standards, processes, procedures, and tools throughout the system development life cycle to support the generation of the security engineering products
- Design technical, operational, and organizational controls to maintain acceptable security posture
- Administration/operation of information security compliance tools/platforms with a special concentration in managing the Assured Compliance Assessment Solution (ACAS) and ForeScout
- Configure, optimize, and test vulnerability scans against new and existing Operating Systems/platforms
- Configure, operate, and maintain HBSS and its components (ePolicy Orchestrator, McAfee Agent, Data Loss Prevention, Host Intrusion Prevention System, Policy Auditor, Asset Baseline Monitor, and Virus Scan Enterprise) on Windows/Linux, creating exceptions to allow essential processes to continue uninterrupted
- Provide guidance on vulnerability and malware remediation
- Configure, operate, and maintain ForeScout, Tripwire, and Ivanti tool suites
- Identify potential conflicts with implementation of any cyber security tools within the enterprise and develop recommendations to remediate these conflicts
- Provide Tier 3 maintenance support for deployed cyber security technologies
- Assist with periodic and regular security assessments
- Assist with the development and maintenance of information security policies, standards, and control procedures to enable compliance with RMF
- Assist with POA&M management, mitigation statement formulation, interfacing with system administrators to resolve open findings of high and at-risk systems
- Experience with developing and presenting vulnerability information for technical and non-technical audiences
- Well-developed verbal and written communication skills
Here’s What You’ll Need:
- Active Top-Secret clearance with SCI
- 10 years of experience & BS or BA degree in Computer Science or a related scientific discipline
- 2+ years of experience in a Trellix role working
- 2+ years of knowledge and experience with ACAS and HBSS administration
- Must meet DoD 8570.01-M IAT-II baseline certification requirements such as SEC+ or equivalent
- Working experience with ForeScout
- Working experience with Nessus
Preferred:
- Possess understanding and experience with common cybersecurity toolsets and processes to include STIGs, IAVA Management and Implementation, and OPORD/FRAGO support
- Demonstrated experience in analysis simulation environment, configuring/troubleshooting software/hardware enhancements, application deployments, and infrastructure upgrades in a dynamic information system hosting environment
- Operate and maintain the Trellix operational architecture, to include the management of centralized log servers and reporting systems
- Ability to install and configure Trellix applications
- Ability to troubleshoot and fix Trellix, Red Hat Linux, and network findings
- Ability to configure Trellix Enterprise Security Application
- Red Hat certification
- Trellix Certification
Job Type: Full-time
Pay: From $140,000.00 per year
Benefits:
- 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Retirement plan
- Vision insurance
License/Certification:
- CompTIA Security+ (Preferred)
- Trellix Certified (Required)
Security clearance:
Ability to Commute:
- Warrenton, VA 20186 (Required)
Work Location: In person