*Security Incident Manager
***Active TS/SCI with Full Scope Poly Clearance from appropriate agency REQUIRED***
***U.S. Citizenship REQUIRED***
GENERAL SUMMARY
- Designs audits of computer systems to ensure they are operating securely and that data is protected from both internal and external attack. Makes and implements recommendations for preventive measures as necessary.
- Assesses assigned system to determine system security status. Designs and implements security policies and procedures to ensures compliance to policies and procedures.
- Designs and conducts training for computer security education and awareness programs. Researches and evaluation emerging security trends and issue to ensure that education remains current and is continuously updated.
- Evaluates highly complex security systems according to industry best practices to safeguard internal information systems and databases.
- Defines security requirements and subsequently reviews complex systems to determine if they have been designed and established to comply with established standards. Develops and implements new standards as necessary.
- Leads investigations of security violations and breaches and recommends solutions; provides analysis summary to management and recommends alternative courses of action as necessary.
- Provides expert technical consultation on highly complex tasks; assists and/or provides limited direction to lower level technical personnel.
- Provides product recommendations of security packages to customers; Reviews vendor products and makes recommendations as appropriate. Conducts cost analyses to determine feasibility of new products for clients.
QUALIFICATIONS
- Bachelor's degree or equivalent combination of education and experience
- Bachelor's degree in computer science, management information systems, or related field preferred
- CISSP certification preferred
- Nine or more years of experience in computer science, management information systems or data security experience
- Minimum 5 years experience in System/Security Engineering
- Experience working with information security practices, networks, software, and hardware
- Experience working with computer programming
- Experience working with operating systems
- Experience working with computer desktop packages such as Microsoft Word, Excel, etc.
- Experience working with security architecture
- Provide configuration assistance/guidance on ICES Internal Enclave to ensure the security posture of ICES is maintained by a strong Network Perimeter
- Conduct security testing on the existing client infrastructure and new technologies pending client approval (Hardware/Software) to identify any existing vulnerabilities and develop mitigation strategies
- Provide Security Engineering assistance with design and implementation on new systems/services with various ICES teams
- Thorough understanding of DCID 6/3 and be prepared to adhere to NIST
- Thorough understanding of conducting packet analysis
- Must hold an active DoD Top Secret/SCI security clearance with a Full Scope Polygraph
- Strong analytical and problem solving skills for resolving security issues
- Strong organization skills to balance work and lead projects
- Strong leadership skills to effectively mentor and lead junior level personnel
- Strong interpersonal skills to interact with customers and team members
- Strong communication skills to interact with team members and support personnel
- Strong skills implementing and configuring networks and network components
- Ability to work with relational databases
- Ability to work in a team environment
- Experience working with complex networks
- Experience in conducting various types of scans (port scanning, O/S fingerprint, active, passive, NMAP, Nessus)
- Experience with Syslog
- Experience with IPSEC and VPNs
- Process oriented
- Knowledge and understanding of working with and securing: routers, switches, firewalls, network topologies, TCP/IP, VPN, VLANs, IPv6, DNS, IDS and IPS, encryption, Windows 2003/2008, RHEL 4/5, Solaris 8/10, Trusted Solaris 8, Visio, Solarwinds, IPSO, Cross Domain Solutions (CDS), ArcSight, NMAP, Tripwire, Router Auditing Tool (RAT), VMWare ESX (VIN3), DoDIIS Trusted Workstation (DTW), Sourcefire
- Experience with the operation and configuration of the ArcSight SIEM tool
- Experience with the operation and configuration of IDS tools, in particular the Sourcefire Defense Center
- Broad knowledge of security issues and concerns
- Strong understanding of operations processes of the organization
- Strong technical knowledge of network operations
- Strong technical knowledge of network systems (switches, routers, firewalls, IDS, etc.) and their operating systems (IOS, etc.) and operation
- Strong ability to configure and use network auditing and monitoring tools (i.e. IDS, firewall, network sniffers, behavioral analysis, log aggregation/analysis, etc.)
- Strong understanding of server operating systems, applications and system operations.
- Strong ability to review and understand network logs to discern unusual activity
- Ability to correlate information with network, server and application logs to discern unusual events
- Ability to discern actual risks to network and provide direction for corrective actions
- Ability to determine security threats and vulnerabilities and communicate risk to technical and non-technical management and staff
- Good organization skills
- Good oral and writing communication skills
- Excellent research skills
EMC Corporation (NYSE: EMC) is the world's leading developer and provider of information infrastructure technology and solutions that enable organizations of all sizes to transform the way they compete and create value from their information. Information about EMC's products and services can be found at www.EMC.com.
If you're looking to make a difference, not just in technology but wherever people live and work, to advance what's possible and move the world forward, to work with the sharpest minds in information-come to EMC. And if you're looking for greater balance in your life, we can help there too with healthy work styles, full tuition reimbursement, personal wealth-creation support, and unlimited opportunities to do important and exciting work in IT. For more information on careers at EMC and to apply, click here.
EMC values an inclusive work environment where every employee is encouraged to share their ideas and talents, so we can leverage our diversity. From our diversity, EMC draws the strength to be a world-class company.
EMC is committed to creating an environment of inclusion that has many dimensions-cross-geography, cross-organization, and across traditional lines of difference, such as gender, sexual orientation, ethnicity, and race.
Thanks,
EMC Team
