
IT Security Engineer

Company Name:
Digital Prospectors Corp
Find your job at www.LoveYourJob.com

Job Title: IT Security Engineer
Location: Lexington, MA
Duration: 12 months and 40hr/wk

Applicants must meet the eligibility requirements to obtain a Security Clearance for access to classified information.

Our client, one of the most prestigious Research and Development Labs in the country, is working on solutions to our nation's most complex defense and commercial related challenges. We have placed hundreds of talented engineers with this client over the years - If you are qualified - we can get you in!!!

The mission is critical and the work is as cutting edge as it is rewarding. The teams are superbly managed groups of world class engineers from all types of interesting and diverse backgrounds - AND THEY ARE HIRING!
Make this your next career move as one of our many long term contractors or employees!

Work as our full time employee with full benefits (Medical, Dental, Vision, STD, LTD, PTO, Retirement, etc.) - OR - work as a W2 hourly contractor at a higher pay rate if you don't need the benefit package.

JOB DESCRIPTION:
The IT Security Engineer provides hands-on technical support to our Client's IT Security Operations and Engineering team. Primary responsibilities will be to support and engineer the IT Security Infrastructure systems. These systems include, but are not limited to, Intrusion Prevention/Detection Systems, firewall, vulnerability scanning, web-proxy, email security as well as internally developed solutions. Responsibilities include managing the full life-cycle of security services including requirements gathering, systems design and development, systems integration, QA testing and operational support. The position reports to the IT Security Team lead and must work closely with teams in other Infrastructure and Research areas to provide superior protection to the information assets.

Primary Duties:
1. 45% Security Infrastructure Engineering
a. Provide 3rd level support to customers and other administrative staff in area of expertise. Respond to requests and resolve issues and problems using ticketing system.
b. Participate in all project activities accordingly to ensure on time deliverables are met including day to day planning and coordination with customers and internal teams. This includes adjusting plans and schedules as necessary to meet changing business requirements.
c. Evaluation of new tools, services, products, or architectures as well as changes to existing products and services. Participation in development and maintenance of security infrastructure roadmap and security architecture.
d. Develops, publishes, and maintains system documentation (e.g. Requirements, Design/Build, Testing, and SOP) according to department standards.
2. 30% Security Infrastructure Operations
a. Responsible for maintaining security Infrastructure Systems (e.g. Intrusion Prevention Systems, Anti-Virus, Web Proxy Systems, and Online and Offline Malware Analysis Systems)
b. Ensure all devices are under configuration management, receiving signature updates and maintain operational readiness
c. Monitor performance metrics and log data for continuous improvement and tuning to match current threats
d. Update rule-sets on infrastructure systems to support overall Laboratory defensive systems.
e. Coordinate activities of Security Operations and Engineering team members.
3. 15% Cyber Security and External Awareness
a. Participation in external Cyber Security working groups (e.g. FFRDC)
b. Monitor current malicious cyber activity at large and research how vulnerabilities are being exploited and software affected.
c. Proactively identify opportunities to mitigate potential threats based on research
d. Proactively identify any patterns within device and server logs based on research to potentially identify systems of interest or mitigate future risk to the Laboratory systems
4. 10% Threat and System of Interest Analysis
a. Assist the Threat Assessment team with determination of threat level and action to be performed on system of interest (e.g. through analysis of logs)
b. Identify ways to mitigate future risk to the Laboratory and request blocks to be put in place
c. Recommend escalation of systems of interest for policy violations and risk to the Threat Assessment team

Special Talents & Qualifications:

Required Minimums:
- Bachelor's of Computer Science or relevant technical field of study
- Security+ Certification equivalent or higher certification
- Ability to work independently toward delivery of goals as well as collaborate in team efforts.
- Skill in organizing and managing technical projects.
- Skill in building consensus among stakeholders and colleagues.
- Excellent customer service skills.
- Excellent verbal and written communication skills.
- Demonstrate the ability to learn new technologies and disciplines quickly.
- Experience supporting web-proxy solutions
- Strong overall network skills (e.g. routing, switching and TCP/IP protocol)
- Endpoint protection tools (e.g. Anti-Virus, HIPS, Encryption, Application Control)
- Host and Network Intrusion Systems and signature writing
- Knowledge of Systems and Network Forensic tools and techniques
- Familiarity with Advanced Persistent Threats
- Working knowledge of incident handling, GCIH certification is strongly desired
- Vulnerability Analysis and Risk Assessment strategies and procedures
- Knowledge of various desktop and server operating systems including Windows, Macintosh, Solaris and Linux
- Experience with Network Access Control (NAC) technologies and compliance enforcement
- Microsoft desktop tools (Word, Excel, PowerPoint, Visio, etc.)

Preferred:
- Familiarity with data analysis in the context of identification of information security threats and risk management
- Experience operating and implementing Security Information and Event Management (SIEM) Tools
- Experience with DoD Networks
- Experience with Networking and Security Tools
- Working knowledge of FISMA, DIACAP security controls
- Understanding of NISPOM security controls
- GSEC, CISSP or equivalent certification
- ITIL v3 Foundations experience and/or certification

Further requirements:
8+ years' experience in the information technology field.
4+ years' experience specifically in the information security field.
Occasional off-hour/on-call support is necessary. A certain degree of flexibility of schedule is required as some work (planned/unplanned) must be done outside of major production hours during pre-scheduled maintenance windows.
This position requires an individual with excellent communication (both verbal and written), organizational and analytical / problem-solving skills. The individual must be able to work in a fast-paced environment at times with minimal supervision and execute project and administrative tasks with a high degree of quality, while following existing processes and also establishing new operational procedures and best practices where necessary. Additionally, the position requires the ability to work with members of other teams and staff to meet all necessary department and organizational goals.

ABOUT DIGITAL PROSPECTORS (DPC):

Founded in 1999, DPC is an award-winning recruiting and consulting firm that specializes in placing contract, contract-to-hire and direct-hire engineers into rewarding opportunities with our impressive and ever-growing client base.

Come see why DPC has been voted "Best of Staffing" for candidate satisfaction by Inavero / CareerBuilder.com, "Top Temporary Placement Firm" by Boston Business Journal, "Best Company To Work For" by Business NH magazine, "Top IT Services Company" by Inc. Magazine, "Most Reliable Staffing Agency" in Forbes Magazine and "Top Ranked Staffing Firm" by Staffing Industry Analysts.

www.LoveYourJob.com
Phone: 603-772-2700

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.