Sevatec Inc.

  • Security Engineer/Incident Responder - Senior

    Job Locations US-DC-Washington
    Posted Date 2 weeks ago(6/7/2018 10:54 AM)
    Job ID
    2018-1440
    # of Openings
    1
    Category
    Information Technology
  • Overview

    Sevatec is seeking to hire a senior Security engineer for a Department of Commerce (DOC) client in Washington, DC. This person will be a part of an Enterprise Cyber Security Center’s Incident Response team with nation-wide support across several different geographic sites. The candidate is to provide incident response engineering and analysis of IDS / IPS systems as well as forensics analysis with tools such as FDK, Encase etc…This includes activities ranging across forensic analysis, malware analysis, Cyber Security threat intelligence, incident response and support of advanced threat detection technologies. Builds, develops, and maintains relationships with internal and external customers, and vendors to formulate solutions for government client system issues related to Information Security. Evaluates and recommends the appropriate level of technology, skill levels and processes required to deliver high-level information security processes, procedures and solutions to ensure the confidentiality and integrity of DOC information and constituency assets.

    Responsibilities

    • Provide support for Incident Response, detection analysis, forensic imaging of systems, and extraction of digital information, malware and log analysis.
    • Monitor and analyze intrusions via ArcSight ESM, Splunk, McAfee SIEM, FireEye, Encase Examiner and Encase SAFE.
    • Report findings and results to upper management with metrics and forensic reports.
    • Collaborate incident response with internal and external entities to include but not limited to government and private sector.
    • Must demonstrate knowledge of Incident Response processes and procedures including initial response, evidence collection, special handling processes, and incident recovery.

    Qualifications

    • Minimum of eight years working within the information security field, with emphasis on security incident management, intrusion detection, firewall deployment, and computer forensics.
    • Demonstrable expertise in Apache Server – demonstrating an ability to analyze logs, configurations and vulnerabilities.
    • At least 7 years’ experience of system administration in UNIX and Linux – demonstrating an ability to analyze logs, configurations and vulnerabilities.
    • At least 5 years of MS Windows OS and network operations.
    • Expert knowledge TCP/IP protocol suite (IP, TCP, UDP, ICMP, etc.) 
    • Knowledge and understanding of routing protocols. 
    • Demonstrated knowledge of LAN/WAN management and  application layer protocols (HTTP, FTP, DNS, SMTP, SNMP, etc) 
    • Familiarity with common cyber forensics tools and techniques.
    • Experience with or substantial knowledge is preferred in many of the following areas: computer forensics; software development lifecycle; cyber security incident handling; system and/or network administration; operational details of multiple operating systems; cryptography and encryption tools.
    • Must have GAIC Certified Incident Handler (GCIH), CERT Certified Computer Security Incident Handler (CSIH), Certified Information Systems Security Professional (CISSP), or Electronic Commerce Council Certified Ethical Hacker (CEH) Certification Required.  

    Desired Skills:

    • Broad Cisco product line experience.
    • Expert knowledge Linux implementation design goals and constraints.
    • Demonstrated security testing methodology and experience of IT products and software.
    • Advanced technical writing skills.

    Security Clearance:  Applicants selected must be U.S. Citizens and will be subject to a government security investigation and must meet eligibility requirements for access to classified information. 

     

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed