Cybersecurity Engineer 4

Job Title: Sr. Security Operations Engineer
Location: Richmond VA (5 Days onsite a week)
Duration: 9 months Contract (Possible Extension
Interview mode: Both Web Cam and In Person Interview

Job Description:
Position Overview:
The client is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands on experience in the areas of Information Systems security, security policy, intrusion detection/prevention systems, firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems, log analysis and management, web content filtering; network protocols and security/authentication protocols at all layers of the OSI model with emphasis on TCP/IP, web security gateways, network access control, endpoint security, and perimeter security technologies. The Senior Security Operations Engineer contributes to the overall technology roadmap.

Key Responsibilities:

• Participates in the design, implementation and support of security infrastructure for the Department.
• Identifies network and information security risks across the enterprise, design, engineer, implement security solutions to address the risks at an enterprise level.
• Works closely with the IT Division and outside vendors to effectively design, plan, deploy, secure and update network projects in the environment.
• Effective collaboration with the Office of Information Security OIS and other ITD groups is maintained.
• Strategic Plan items pertinent to the Network Security Operations group are completed.
• System policies and procedures are created, documented, and maintained.
• Perform network scans and penetration testing. Monitors log analysis and management tools for threats.
• Evaluate vulnerability scan results and notify business, application, and infrastructure teams of vulnerabilities in need of remediation.
• Evaluate and participate in agency Azure cloud solution review of network, security, and general project involvement.
• Ensure all daily functions that are required to maintain security applicable systems and applications are documented.
• Work with the agency s ISO team and the IT Auditors to review security audit findings and vulnerability scans results. Identify recommended correction activities and course of action, once determined communicate with the various stakeholders.
• Device configurations are based on best practices.
• Relevant documentation is kept up to date.
• Coordinating the handling and resolution of incidents related to security.

Required Skills & Qualifications:

• Considerable knowledge and hands on experience in the areas of information systems security of security policy
• Considerable knowledge and hands on experience with web security gateways, network access control, endpoint security, and perimeter security technologies.
• Considerable knowledge and hands on experience with firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems.
• Considerable knowledge and hands on experience with intrusion detection/prevention systems, log analysis and management, web content filtering
• Considerable knowledge and experience with network protocols and security/authentication protocols at all layers of the OSI model with emphasis on TCP/IP
• Demonstrated ability to identify security risks across the enterprise and perform the day-to-day operation, management and administration to protect the integrity, confidentiality, and availability of information assets and technology infrastructure.
• Considerable knowledge and hands on experience detecting, responding, remediating security incidents.
• Considerable knowledge and hands on experience remediating System Security Plans (SSP) and Risk Assessment (RA) in cybersecurity
• Solid experience with performing threat; vulnerability and risk assessment; and coordinating the handling and resolution of incidents related to security breaches at an enterprise level required.
• Considerable knowledge and hands on experience with web related technologies and penetration testing tools

Preferred:
CISSP