InquisIT LLC
Cyber Security Engineer
InquisIT LLC, Washington, District of Columbia, us, 20022
Current job opportunities are posted here as they become available.Subscribe to our RSS feeds to receive instant updates as new positions become available.InquisIT is seeking a Cybersecurity Engineer to join us in Washington, DC.This role will have responsibilities that encompass Security Operations and Engineer skill sets to help secure customer cloud computing, data center, and on-premise environments. The successful candidate will help set up, operate, and manage/maintain a variety of security solutions including vulnerability management, endpoint security, security information and event management, and governance/risk/compliance. The candidate will also help develop and maintain security policy and procedures, perform incident response and business continuity testing, work with the NIST Cybersecurity Framework and CIS Benchmarks, and assist with security audits as needed. At various times, production security operations tasks such as analysis of security issues and responding to security incidents will be required. The successful candidate should be a team player with a dynamic personality that can work effectively with end users and management for resolution of security incidents.This position is being offered as an onsite role with hybrid potential after probabtionary period.Primary Job Responsibilities
:Ensures adherence to security standardsActs as the point of contact responsible for the planning, development, test, and implementation of IT security controlsMaintains an understanding and documentation of system security baselinesDevelops and executes information security plans and policiesDevelop strategies and procedures to respond to, recover, and investigate security breach(es)Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threatsInstalls, configures, and updates firewalls, data encryption, and other security products to facilitate a secure postureConduct periodic network scans to identify and remediate vulnerabilitiesMonitor networks and systems for security breaches through the use of software that detects intrusions and anomalous system behaviorPenetration testing experience (burp suite)Experience and Qualifications
:9+ years of industry experience in an Information Security function with degree, 12+ years without degreeBachelor’s degree or equivalent experienceExperience with Palo Alto (preferred) or Cisco firewall, network security appliance administration and cloud securityExperience with vulnerability scanners and management, preferably Tenable Nessus and Qualys, managing POAMs and Risk Acceptance MemosPossess fundamental knowledge of Windows and Linux (RHEL) operating systems, and the ability to analyze network traffic and security eventsDemonstrated experience with RMF, A&A, IV&V, and continuous monitoringDemonstrated experience implementing and assess compliance with security baseline and controls (CIS Benchmark, DISA STIG, NIST 800-53)Experience with Log aggregation/SIEM tools such as Splunk or similarAbility to support and provide artifacts for annual audits and ATO review process (FISMA, FISCAM, etc)Ability to maintain up-to-date knowledge with modern adversarial techniques and incident response proceduresTechnical understanding of network operations, server architectures, storage solutions, and desktop hardware and softwareDemonstrated ability to communicate in a clear, thorough, and timely manner using appropriate and effective tools and techniques with peers, supervisors, and members of senior leadershipDemonstrated ability to make decisions by assessing the situation to determine the importance, urgency, and risks, and making clear decisions which are timely and in the best interest of the organizationAWS, Azure experience strongly preferredTargeted Certifications
:CISSPCISAPCNSEInquisIT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, InquisIT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Management reserves the right to modify, add, or remove duties and to assign other duties as
#J-18808-Ljbffr
:Ensures adherence to security standardsActs as the point of contact responsible for the planning, development, test, and implementation of IT security controlsMaintains an understanding and documentation of system security baselinesDevelops and executes information security plans and policiesDevelop strategies and procedures to respond to, recover, and investigate security breach(es)Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threatsInstalls, configures, and updates firewalls, data encryption, and other security products to facilitate a secure postureConduct periodic network scans to identify and remediate vulnerabilitiesMonitor networks and systems for security breaches through the use of software that detects intrusions and anomalous system behaviorPenetration testing experience (burp suite)Experience and Qualifications
:9+ years of industry experience in an Information Security function with degree, 12+ years without degreeBachelor’s degree or equivalent experienceExperience with Palo Alto (preferred) or Cisco firewall, network security appliance administration and cloud securityExperience with vulnerability scanners and management, preferably Tenable Nessus and Qualys, managing POAMs and Risk Acceptance MemosPossess fundamental knowledge of Windows and Linux (RHEL) operating systems, and the ability to analyze network traffic and security eventsDemonstrated experience with RMF, A&A, IV&V, and continuous monitoringDemonstrated experience implementing and assess compliance with security baseline and controls (CIS Benchmark, DISA STIG, NIST 800-53)Experience with Log aggregation/SIEM tools such as Splunk or similarAbility to support and provide artifacts for annual audits and ATO review process (FISMA, FISCAM, etc)Ability to maintain up-to-date knowledge with modern adversarial techniques and incident response proceduresTechnical understanding of network operations, server architectures, storage solutions, and desktop hardware and softwareDemonstrated ability to communicate in a clear, thorough, and timely manner using appropriate and effective tools and techniques with peers, supervisors, and members of senior leadershipDemonstrated ability to make decisions by assessing the situation to determine the importance, urgency, and risks, and making clear decisions which are timely and in the best interest of the organizationAWS, Azure experience strongly preferredTargeted Certifications
:CISSPCISAPCNSEInquisIT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, InquisIT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Management reserves the right to modify, add, or remove duties and to assign other duties as
#J-18808-Ljbffr