InquisIT LLC
Cyber Security Engineer
InquisIT LLC, Washington, District of Columbia, us, 20022
Current job opportunities are posted here as they become available.Subscribe to our RSS feeds to receive instant updates as new positions become available.InquisIT is seeking a Cybersecurity Engineer to join us in Washington, DC.This role will have responsibilities that encompass Security Operations and Engineer skill sets to help secure customer cloud computing, data center, and on-premise environments. The successful candidate will help set up, operate, and manage/maintain a variety of security solutions including vulnerability management, endpoint security, security information and event management, and governance/risk/compliance. The candidate will also help develop and maintain security policy and procedures, perform incident response and business continuity testing, work with the NIST Cybersecurity Framework and CIS Benchmarks, and assist with security audits as needed. At various times, production security operations tasks such as analysis of security issues and responding to security incidents will be required. The successful candidate should be a team player with a dynamic personality that can work effectively with end users and management for resolution of security incidents.This position is being offered as an onsite role with hybrid potential after probationary period.Primary Job Responsibilities:
Ensures adherence to security standards.Acts as the point of contact responsible for the planning, development, test, and implementation of IT security controls.Maintains an understanding and documentation of system security baselines.Develops and executes information security plans and policies.Develop strategies and procedures to respond to, recover, and investigate security breach(es).Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats.Installs, configures, and updates firewalls, data encryption, and other security products to facilitate a secure posture.Conduct periodic network scans to identify and remediate vulnerabilities.Monitor networks and systems for security breaches through the use of software that detects intrusions and anomalous system behavior.Penetration testing experience (burp suite).Experience and Qualifications:
9+ years of industry experience in an Information Security function with degree, 12+ years without degree.Bachelor’s degree or equivalent experience.Experience with Palo Alto (preferred) or Cisco firewall, network security appliance administration and cloud security.Experience with vulnerability scanners and management, preferably Tenable Nessus and Qualys, managing POAMs and Risk Acceptance Memos.Possess fundamental knowledge of Windows and Linux (RHEL) operating systems, and the ability to analyze network traffic and security events.Demonstrated experience with RMF, A&A, IV&V, and continuous monitoring.Demonstrated experience implementing and assess compliance with security baseline and controls (CIS Benchmark, DISA STIG, NIST 800-53).Experience with Log aggregation/SIEM tools such as Splunk or similar.Ability to support and provide artifacts for annual audits and ATO review process (FISMA, FISCAM, etc).Ability to maintain up-to-date knowledge with modern adversarial techniques and incident response procedures.Technical understanding of network operations, server architectures, storage solutions, and desktop hardware and software.Demonstrated ability to communicate in a clear, thorough, and timely manner using appropriate and effective tools and techniques with peers, supervisors, and members of senior leadership.Demonstrated ability to make decisions by assessing the situation to determine the importance, urgency, and risks, and making clear decisions which are timely and in the best interest of the organization.AWS, Azure experience strongly preferred.Targeted Certifications:
CISSPCISAPCNSEInquisIT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, InquisIT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Management reserves the right to modify, add, or remove duties and to assign other duties as necessary.
#J-18808-Ljbffr
Ensures adherence to security standards.Acts as the point of contact responsible for the planning, development, test, and implementation of IT security controls.Maintains an understanding and documentation of system security baselines.Develops and executes information security plans and policies.Develop strategies and procedures to respond to, recover, and investigate security breach(es).Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats.Installs, configures, and updates firewalls, data encryption, and other security products to facilitate a secure posture.Conduct periodic network scans to identify and remediate vulnerabilities.Monitor networks and systems for security breaches through the use of software that detects intrusions and anomalous system behavior.Penetration testing experience (burp suite).Experience and Qualifications:
9+ years of industry experience in an Information Security function with degree, 12+ years without degree.Bachelor’s degree or equivalent experience.Experience with Palo Alto (preferred) or Cisco firewall, network security appliance administration and cloud security.Experience with vulnerability scanners and management, preferably Tenable Nessus and Qualys, managing POAMs and Risk Acceptance Memos.Possess fundamental knowledge of Windows and Linux (RHEL) operating systems, and the ability to analyze network traffic and security events.Demonstrated experience with RMF, A&A, IV&V, and continuous monitoring.Demonstrated experience implementing and assess compliance with security baseline and controls (CIS Benchmark, DISA STIG, NIST 800-53).Experience with Log aggregation/SIEM tools such as Splunk or similar.Ability to support and provide artifacts for annual audits and ATO review process (FISMA, FISCAM, etc).Ability to maintain up-to-date knowledge with modern adversarial techniques and incident response procedures.Technical understanding of network operations, server architectures, storage solutions, and desktop hardware and software.Demonstrated ability to communicate in a clear, thorough, and timely manner using appropriate and effective tools and techniques with peers, supervisors, and members of senior leadership.Demonstrated ability to make decisions by assessing the situation to determine the importance, urgency, and risks, and making clear decisions which are timely and in the best interest of the organization.AWS, Azure experience strongly preferred.Targeted Certifications:
CISSPCISAPCNSEInquisIT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, InquisIT complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.The above statements are intended to describe the general nature and level of work being performed by the individual(s) assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required. Management reserves the right to modify, add, or remove duties and to assign other duties as necessary.
#J-18808-Ljbffr