We are looking for a Security Engineer to join our security team, supporting engineering for technology implementation, continuous monitoring, and reporting, while ensuring Iron Bow meets customer and legal obligations for compliance and certification.
Responsibilities include design, consulting, and implementation of security best practices within the operational infrastructure supporting customers, and providing operational security assessments and required compliance reviews to achieve and maintain industry-standard certifications. This position may require contingent support for the enterprise infrastructure and environments in the event of unforeseen circumstances.
- Apply cybersecurity and privacy principles, including defense-in-depth, to design, implement, test, and support security compliance and certification requirements on the organization’s networks, desktop, systems, and server infrastructure across all supported technologies.
- Evaluate the adequacy of security designs, including demonstrated understanding of security objectives, operational objectives, and trade-offs (i.e., how changes in conditions, operations, or the environment affect outcomes.)
- Assess threats and vulnerabilities, and evaluate risks likely to impact the infrastructure
- Monitor and respond to vulnerability information from dissemination sources, including vendors (e.g., alerts, advisories, errata, and bulletins)
- Participate in system development lifecycle processes to provide recommendations for security controls and provide guidance to security and infrastructure teams.
- Develop, implement, and maintain automated monitoring reporting solutions for production and test environments to support compliance and certification commitments.
- Daily monitoring of the IT infrastructure to ensure confidentiality, availability, integrity, and security
- Daily support and maintenance of systems, networks, and applications supporting security technologies to meet compliance and certification commitments.
- Provide technical security guidance to staff as required to support compliance and certification requirements and work with consultants as needed
- Support security solution implementations at multiple levels, including Systems, Applications, Network, Cloud, Mobile, and Endpoints, for IDS/IPS, SIEM/SOAR, scripting and Data Loss Prevention (DLP) solutions to protect Iron Bow from potential breaches.
- Maintain skills and awareness of new and emerging cybersecurity and information technology (IT) technologies
- Participate on Cyber Incident Response Team as required to support Incident Response for Security Incidents, and in any planned Pen testing deemed necessary by Senior Leadership.
- 3 - 5 years of relevant security experience and bachelor’s degree in a related field (or equivalent experience in lieu of degree.)
- DoD 8570 active certification track at IAT Level II or higher track, including one or more of the following: GSEC, GICSP, SSCP, CCNA-Security, CompTIA Security+ CE.
- Work with Windows/Unix operating systems, ports and services, command-line tools, and security database systems and interpret information collected by network and system tools, including an enterprise CMDB.
- Experience with network communication tools and traffic analysis methods, network mapping, and recreating network topologies.
- Experience with AV/NGAV endpoint protection products; with virtual host environments and hypervisors; with managing and monitoring Active Directory, SAML / ADFS, Multi Factor Authentication, RADIUS, and Unified Collaboration Systems (or similar VOIP/video) implementations; and with security concepts, tools, and technologies.
- Demonstrate a working knowledge of IT networks and systems concepts and security principles (e.g., firewalls, DMZ, Storage, Virtualization, OS-level configuration, encryption, load balancers, proxies, VPN, bandwidth management), resiliency and redundancy, encryption algorithms and methodologies, and cryptographic key management concepts.
- Working knowledge of network topology, protocols, components, and OSI model, and IAM technologies (e.g., PKI, OAuth, OIDC, SAML).
- Follow established processes for risk management and system life cycle and security management (e.g., Risk Management, Change Management, Release Management, Patch Management, current version ITIL, incident response and handling methodologies, etc.)
- Experience assessing and supporting security control requirements based on standards. (e.g., ISO, NIST, FISMA, CSF, PCI-DSS, HIPAA, AICPA SOC, etc.).
- Collect data from, and respond to, Government and Industry vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins) and relevant cyber defense resources.
- Support system administration, network, and secure configuration management and hardening techniques (USGCB, CIS benchmarks, OWASP, MITRE, Veracode, etc.) to resolve system and application security risks.
- Applied experience with analysis, design, and application of system security tools, methods, and techniques, and testing and evaluation methods.
- Applied experience with cyber defense and vulnerability assessment tools and capabilities to identify, categorize, and address vulnerabilities (e.g., vulnerability and compliance scanning).
- Familiarity with adversarial tactics, techniques, and procedures, common attack vectors on the network layer and awareness of attack threat sources (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored)
- Experience with monitoring, analysis, and response to Business Email Compromise (BEC) incidents
- Ability to function effectively in a collaborative environment, seeking continuous consultation with other analysts and experts—both internal and external to the organization—to leverage analytical and technical expertise.
- Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means to technical and non-technical audiences.
- Strong attention to detail and problem-solving skills with ability to self-prioritize workload to meet established organizational goals
- Demonstrated proficiency with Microsoft Excel, Visio, Word.
- Self-starter, skilled with managing time effectively while working multiple projects in a fast-paced environment
- Willingness to maintain your knowledge and expertise by learning new and evolving technologies and by achieving appropriate industry and professional certifications
- Some local travel and/or after-hours work within the DC/MD/VA area may be occasionally required
- DoD 8570 certification at IAT Level II or higher track. GSEC, SSCP, CASP+, CEH, ECSA (practical), CISSP (or Associate), Microsoft and Cisco Security, and RHCSA certification(s) are preferred.
- Experience supporting implementations of security and privacy controls for PII, PHI, PCI, CCPA, and GDPR.
- Experience with network security solutions such as Cisco ISE
- Hands on experience with application firewalls and proxying web applications
- Hands on experience with Enterprise Linux platforms
- Experience with AWS or Azure cloud services and associated networking, as well as collaboration and integration with O365 products.
- Experience supporting collaboration and conferencing solutions.
- Working knowledge of next generation network technologies including SD-WAN, VXLAN, Next-Gen Firewalls
- Demonstrated analytic skills and working knowledge of data science concepts used in security tools, including algorithm selection, parameter tuning, evaluating results, and report types.
- Familiarity with cyber-attack stages and tools (e.g., MITRE Kill Chain, MITRE ATT&CK, etc.) and identification of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, SQL injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
- Experience with data visualization tools, structured analysis principles and methods and design modeling (e.g., unified modeling language).
- Ability to perform packet-level analysis using appropriate tools and cybersecurity best practices.
- Knowledge of embedded systems and IOT technologies.
- Working knowledge of security requirements and methods for government community and commercial cloud-based systems.
- Experience in software and/or application development (i.e., Python, SQL, or SQL variant, APIs).
- Familiarity with confidentiality and integrity access models.
- Experience with data driven decision-making tools.
- US Citizen and able to obtain security clearance if required
Iron Bow Technologies is a leading IT solution provider dedicated to successfully transforming technology investments into business capabilities for government, commercial and healthcare clients. Our depth of technical expertise, global reach and strategic partnerships with industry leaders as well as disruptive technology partners uniquely positions Iron Bow to target the right solution to ensure your successful business outcome. We partner with our clients from planning and implementation through ongoing maintenance and management to deliver solutions that are strong, flexible and on target.
Iron Bow Technologies is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.