• Cyber Security Engineer, Sr.

    Location US-Arlington, VA/Washington, DC
    Posted Date 1 month ago(11/11/2018 4:42 PM)
    Job ID
    S-64
    # Positions
    1
    Experience (Years)
    8
    Category
    Cyber Security
  • Overview

    WOOD is currently hiring Principle Cyber Security Engineers to join our team in Ballston, VA. The Cyber Engineer designs, develops, documents, analyzes, tests, integrates, debugs, conducts research and/or discovers and analyzes security flaws or vulnerabilities in software, networks, systems, applications and/or provide mitigation strategies. 

    Responsibilities

    • The Cyber Engineer ensures system security needs are established and maintained for various objects/matters
    • Integrates new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis of cyber security features and relate existing system to future needs and trends
    • Evaluates computer software and network for threats and/or malware Collects data from a variety of network security tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyze events that occur within their environment
    • Employs and provides computer advanced forensic tools, techniques, and intrusion support for attack reconstruction and high technology investigations, while reviewing threat data from various sources
    • This position may also identify network computer intrusion evidence and perpetrators
    • Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents
    • Assess and analyze system security to identify and mitigate risks and vulnerabilities
    • Recommend countermeasure to mitigate risks and vulnerabilities
    • Prepare documentation, including incident reports, security recommendations, etc.
    • Perform attack reconstruction, review threat data and investigate security incidents to determine extent of intrusion and compromise to system and data
    • Provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments
    • Develop mitigation strategies, including influencing accessible assets and data flows (e.g. block behaviors, quarantine hosts and enclave, block and modify traffic)
    • Provide countermeasure recommendations and business cases based on standard security principles, policies, standards and industry best practices
    • Test and provision countermeasures
    • Use encryption technology, penetration, risk management and vulnerability analysis of various security technologies and information technology security research
    • Gather data and formulate mitigation plans for effective and real-time incident response
    • Perform one or more following:
      • Malicious payload analysis, inspection of PCAP payload at the application layer
      • De-obfuscation; transform source or machine code to human-readable cost to assess script functionality
      • Botnet activity correlation: assess impact/effect of software robots (i.e., "bots") that run autonomously, automatically and /or undetected

    Qualifications

    U.S. Citizenship and Active Top Secret/Sensitive (TS/SCI) security clearance required:

    • Eight (8) or more years of cyber security experience required
    • Significant experience with AWS Technologies
    • Bachelor's degree in Cyber Security Information Security, Software Engineering or a related discipline is required
      • A Master's degree in a related discipline may substitute for two (2) years of experience
      • A PhD may substitute for four (4) years of experience
    • Experience leading an incident response team required
    • Experience with ArchSight required
    • Experience with one or more of the following is require: MS Visual Studio, Driver Development Kit, IdaPro, Windbg, SoftIce, OllyDbg, VMWare, etc.

    Certifications:

    • Certified Information Systems Security Professional (CISSP) certification required
    • 8670 IAM Level II certification required
    • Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired
    • Certified Ethical Hacker (CEH) certification desired
    • SANS/GIAC Reverse Engineering Malware (GREM) certification desired
    • ArcSight Certified Security Analyst (ACSA) or ArcSight Certified Advance Security Analyst (ACASA) certification desired

     

    WOOD Consulting Services is headquartered in Fulton, Maryland with an office in Washington, DC. WOOD embraces a simple philosophy… take care of our people and they will take care of our customers. We seek to hire and retain high caliber-talent to meet the needs of our customers with excellent services. For over 20 years, WOOD has followed that philosophy and built a reputation as reliable mission-enablers helping U.S. agencies achieve mission success.

     

    WOOD is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed