Eagle Ray, Inc.

Cyber Engineer

ID: 2018-2533
Job Location: US-VA-Ashburn
Security Clearance: Top Secret/SCI (TS/SCI)

Overview

Eagle Ray Inc. is looking for Cyber Engineers to design, develop, document, analyze, test, integrate, debug, conduct research and/or discover and analyze security flaws or vulnerabilities in software, networks, systems, and applications, and/or provide mitigation strategies. Cyber Engineers ensure system security needs are established and maintained for various objects/matters. They integrate new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features, and relate existing systems to future needs and trends. They evaluate computer software and networks for threats and/or malware. They collect data from a variety of network security tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs, to analyze events that occur within their environment. They employ and provide advanced computer forensic tools, techniques, and intrusion support for attack reconstruction and high technology investigations, while reviewing threat data from various sources. This position may also identify network computer intrusion evidence and perpetrators.

Responsibilities

  • Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents.
  • Assess and analyze system security to identify and mitigate risks and vulnerabilities.
  • Recommend countermeasures to mitigate risks and vulnerabilities.
  • Prepare documentation, including incident reports, security recommendations, etc.

Qualifications

Required skills may include:

  • 2-20 years of experience.
  • Bachelor's degree in Cyber Security, Information Security, Software Engineering or a related discipline is required.
  • Active Top Secret/Sensitive Compartmented Information (TS/SCI) security clearance required.
  • U.S. Citizenship required.
  • Experience in intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis.
  • Experience with standard security principles, policies, standards and industry best practices.
  • Experience with software development.
  • Understanding of Windows and UNIX operating systems.
  • Understanding of security technologies and concepts; experience in design and implementation of secure network solutions including DMZs and web portals.
  • Knowledge of Information Assurance and Information Operations technologies and development activities.
  • Understanding of the processes and guidelines for Certifying & Accrediting (DCID, ICD, NIST 800-53, SANS 20) information systems based upon experience on a large-scale development program.
  • Practical experience hardening IT systems in compliance with STE/STIG guidelines.
  • Possess or quickly develop a comprehensive understanding of Government Information Security policies, regulations, and guidelines.
  • Experience and knowledge of networking (TCP/IP, topology, sockets and security), operating systems (Windows/UNIX/Linux), and web technologies (Internet security).

Desired skills include:

  • Experience with Security Event Incident Management, Log Correlation and Network Behavior Anomaly detection systems (ArcSight, QRadar, Splunk, Mazu, Arbor, etc.).
  • Experience and/or familiarity with one or more of the following: Java, Swing, Hibernate, Struts, JUnit, Perl, Ruby, Python, HTML, C, C++, .NET, ColdFusion, Adobe, Assembly language, etc.
  • Demonstrated experience and/or familiarity with VMWare and virtual machines.
  • Ability to write custom tools and modify existing intrusion detection tools.
  • Experience with Agile development methodology.
  • Experience with automated testing tools (e.g., RSpec, Cucumber, etc.).
  • Experience with one or more of the following:
    • Security COTS integration
    • Security Incident Event Management
    • Insider Threat Monitoring
    • Operating System Hardening
    • Vulnerability Assessment testing
    • Identification and Authentication schemes
    • Public Key Infrastructure and Identity Management
    • Cross Domain Solutions
    • Computer Network Exploitation (CNE)
    • Computer Network Operations (CNO)
    • Malware Analysis
    • Reverse Software Engineering
    • Security engineering  

Certifications:

  • DODI 8570.1-M Compliance at IAT Level I certification required.

Equal Opportunity Employer/M/F/Disability/Vet/Sexual Orientation/Gender Identity