• Principal Cyber Engineer, Level II

    Location US-VA-Dulles
    Posted Date 1 month ago (11/11/2018 4:40 PM)
    Job ID
    # Positions
    Experience (Years)
    Cyber Security
  • Overview

    WOOD is currently hiring a Principal Cyber Engineer, Level II to join our team in the Dulles, VA area. The Principal Cyber Engineer designs, develops, documents, analyzes, tests, integrates, debugs, conducts research and/or discovers and analyzes security flaws or vulnerabilities in software, networks, systems, applications and/or provides mitigation strategies. The Cyber Engineer ensures system security needs are established and maintained for various objects/matters.


    • Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents
    • Assess and analyze system security to identify and mitigate risks and vulnerabilities
    • Recommend countermeasures to mitigate risks and vulnerabilities
    • Prepare documentation, including incident reports, security recommendations, etc.
    • Perform attack reconstruction, review threat data and investigate security incidents to determine extent of intrusion and compromise to system and data
    • Provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments
    • Auto-generate network traffic intelligence
    • Develop mitigation strategies, including influencing accessible assets and data flows (e.g. block behaviors, quarantine hosts and enclave, block and modify traffic)
    • Provide countermeasure recommendations and business cases based on standard security principles, policies, standards and industry best practices
    • Test and provision countermeasures
    • Mitigate attacks and threats by assessing the impact of countermeasures and response effects
    • Monitor and diagnose potential residual effects
    • Use encryption technology, penetration, risk management and vulnerability analysis of various security technologies and information technology security research
    • Gather data and formulate mitigation plans for effective and real-time incident response
    • Perform one or more of the following:
      • Malicious payload analysis, inspection of PCAP payload at the application layer
      • De-obfuscation: transform source or machine code to human-readable code to assess script functionality
      • Botnet activity correlation: assess impact/effect of software robots (i.e., "bots") that run autonomously, automatically and/or undetected
    • Assist in identification and implementation of appropriate information security functionality
    • Serve as a subject matter expert for application security in support of programs
    • Produce reports and briefs to provide accurate depiction of threat landscape and associated risks


    U.S. Citizenship and Active Top Secret/Sensitive (TS/SCI) security clearance required:

    • Ten (10) or more years of cyber security experience required
    • Bachelor's degree in Cyber Security, Information Security, Software Engineering or a related discipline is required
      • A Master's degree in a related discipline may substitute for two (2) years of experience
      • A PhD may substitute for four (4) years of experience
    • Experience leading an incident response team required
    • Experience with ArcSight required
    • Experience with one or more of the following is required: MS Visual Studio, Driver Development Kit, IDA Pro, WinDbg, SoftICE, OllyDbg, VMware, etc.


    • Certified Information Systems Security Professional (CISSP) certification required
    • 8670 IAM Level II certification required
    • Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired
    • Certified Ethical Hacker (CEH) certification desired
    • SANS/GIAC Reverse Engineering Malware (GREM) certification desired
    • ArcSight Certified Security Analyst (ACSA) or ArcSight Certified Advance Security Analyst (ACASA) certification desired
    • SourceFire Certified Professional (SFCP) certification desired


    WOOD Consulting Services is headquartered in Fulton, Maryland with an office in Washington, DC. WOOD embraces a simple philosophy: take care of our people and they will take care of our customers. We seek to hire and retain high-caliber talent to meet the needs of our customers with excellent services. For over 20 years, WOOD has followed that philosophy and built a reputation as reliable mission-enablers helping U.S. agencies achieve mission success.


    WOOD is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

