Information Assurance/Network Security Engineer: Aboutweb, LLC

Information Assurance/Security Engineer

Location: Washington DC

Security: Chosen candidate will be processed for a Public Trust clearance

Background Bachelors degree from an accredited college in a related discipline, or equivalent experience/combined education, with 9 years of professional experience; or 7 years of professional experience with a related Masters degree. Considered an emerging authority.

To provided security engineering designs and implementation in all aspects of Information Assurance and Information Security (InfoSec) Engineering. Assesses and mitigates system security threats/risks throughout the program life cycle; validates system security requirements definition and analysis; establishes system security designs; implements security designs in hardware, software, data, and procedures; verifies security requirements; performs system certification and accreditation planning and testing and liaison activities, and supports secure systems operations and maintenance.

Required Skills:

· CISCO MARs, Site Protector, Symantec, NAC IPsec, PKI

· Experience and knowledge of NIST-800 series standards and in the implementation of security controls to meet NIST 800 series standards.

· Knowledge of and skills with Web Proxies, DHCP, DNS, NAC, IPS/IDS systems

Desired Skills:

· Certified Cisco Network Administrator (CCNA) required and or Cisco Certified Security Professional (CCSP) certification a plus.

· CISSP or in the process of acquiring certification is desired.

Expected Job Duties:

· The successful candidate will be responsible for the monitoring and management of IDS/IPS, HIDS/NIDS, routers, switches, FWs, VPNs, Databases, and servers availability in a Security Operation Center environment. The candidate must have experience in responding to security alerts/threats/attacks and all security related events. The candidate must have experience in the use of forensic tools and techniques, penetration testing, discover vulnerabilities in information systems. The candidate must have experience in analyzing syslog data.

· The candidate must have knowledge of NIST-800 and CERT standards.

· The candidate must have knowledge of security technologies, development of security infrastructures and security policies, recognize threats and vulnerabilities on the network, and the ability to mitigate security threats/risks.

· The candidate must answer all trouble calls/emails and work assigned tickets. Interacts with internal clients to resolve network and security issues; communicate with internal clients in a professional manner maintaining confidentiality.

· Provide responses to internal clients in the designated time frame.

· The candidate must have a thorough understanding of LAN/WAN integration, TCP/IP protocols, DHCP, DNS, VLANs, VPN, IDS/IPS systems to include the care and feeding of these systems through the use of IDS monitoring/log analysis and reporting management systems, Cisco switching and routing essentials.

· The candidate will provide fault resolution, risk mitigation, prevention and escalation. The candidate will provide proactive maintenance of software and tuning of IP/IDS sensors, Firewalls, network reporting devices, data archiving, drop rules, notification and device configuration. The candidate will provide after action plans, incident response plans, and weekly/monthly signature alert reports.

· Define processes to manage network security, support security management and security architecture standards and Security Operations documentation. The candidate must be able to provide recommendations to optimize LAN/WAN network and security performance