Information Security (INFOSEC) Engineer

About Us:

CTA, Inc is seeking a full-time Information Security (INFOSEC) Engineer in Arlington, VA to work in a progressive and highly dynamic office environment. This position is ideal for self starters and those who desire professional exposure to a broad range of security topics. A strong desire for personal and professional growth on all aspects of technical security is encouraged.

Description of Information Security (INFOSEC) Engineer:

A successful candidate will be able to perform the following responsibilities:

• Support the INFOSEC Group in preparing for and conducting technical security assessments, security intrusion detection monitoring, penetration testing, and security posture and vulnerability assessments of UNIX, Windows and other systems.
• Use vulnerability assessment tools, such as Snort, SourceFire, Foundstone, Nessus, and WebInspect, to determine the security posture of IT assets.
• Support a 24X7 ON Call rotating schedule and respond to events.
• Support the INFOSEC Team in developing information security documentation, analysis and reports including FISMA POA&M.
• Design, develop, engineer and implement solutions to INFOSEC requirements.
• Gather and organize technical information about an organization and its missions, goals, requirements, existing security products, and ongoing programs in the INFOSEC arena.
• Use open source and commercial intrusion detection tools to monitor the status and health of IT assets.
• Must be proficient in analyzing the output from the tools to make recommendations.

Requirements of Information Security (INFOSEC) Engineer:

Required qualifications and skills for this position include:

• Able to pass a NACIC background check
• A Bachelor's degree in Computer Science, Information Systems, Engineering, or other related scientific or technical discipline.
• Six years of experience in the INFOSEC field.
• Experience with documentation development specific to the SOW in a contract.
• Must have hands on experience with vulnerability assessment and intrusion detection tools.

• Existing NACI or NACIC security clearance or higher (i.e. Existing DOD Secret Clearance)
• Know Shell and Perl scripting, and some C programming skills.
• GIAC Certified Intrusion Analyst (GCIA), or any of the following certifications, is highly desirable.
• CISSP
• GIAC Certified Firewall Analyst (GCFW)
• GIAC Security Essentials Certification (GSEC)
• GIAC Certified Incident Handler (GCIH)
• GIAC Certified Windows Security Administrator (GCWN)
• GIAC Certified UNIX Security Administrator (GCUX)
• GIAC Systems and Network Auditor (GSNA)
• GIAC Windows 2000 Gold Standard Certificate (GGSC-0100)
• Experience with the use of Networking, Linux, Nessus, ISS and Snort.
• Self-starter capable of working independently with the customer and industry points of contact.
• Must be able to work with other contractors and employees in a congenial manner.
• Personal initiative and a sound work ethic are very important to the task's success.

No relocation expenses are available for this position.

Equal Opportunity Employer M/F/D/V

Keywords:information security (INFOSEC) engineer, it, i t, information technology, I.T., IT, computer software, Microsoft technologies, Jscript, ASP, IIS 5.0, SQL Server 2000, Windows, Java, C++, C#, Microsoft .NET, engineering, eng