Dexian DISYS

Security Engineer

Dexian DISYS, Washington, District of Columbia, US, 20022


Job details

Posted: 16 October 2024
Location: Washington, DC
Job type: Permanent
Reference: 940307

Job description

Notes:

- Contract
- Onsite 2-3 days a week in D.C.
- Need experience with CrowdStrike, Sentinel, Azure (setting up the tools)
- Experience with vulnerability scans and Nessus scanning tool
- Needs experience configuring security policies, access controls, NGFWs etc.
- POA&M updates, security testing
- Configuration and setup of security tools
- This is being finalized but NGFW may be Palo Alto. Some tools - CrowdStrike, Nessus etc.
- Must be a US Citizen and able to obtain a Public Trust Clearance

Requirement:

- Experience with implementing/managing the implementation and configuration of all infrastructure components, applications, hardware, and tools.
- Experience validating intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
- Provide and recommend computing environment vulnerability corrections.
- Experience in investigating and remediating security incidents and escalate, report, and provide regular updates of the incidents.
- Receive and analyze security alerts from various sources within the PTT network.
- Evaluate incidents identified by Tier 1 analysts using threat intelligence.
- Review cyber defense trend analysis tools, executing remediating and reporting status.
- Analyze running processes and configs on affected systems.
- Execute strategy for containment and recovery as needed.
- Interface with the Office of GSA IT Chief Information Security Officer (CISO) and its Security Operations division.
- Provide guidance, implementation recommendations, and assistance in developing a DevSecOps paradigm.
- Restore and recover from a compromise or breach.
- Maintain standard OS, hardening, and baseline configurations.
- Scrutinize all users, devices, data flows, and requests for access.
- Log, inspect, and continuously monitor all configuration changes.
- Document security controls using GSA processes and templates.
- Provide support for conducting security tests to validate required security controls.
- Respond to all potentially adverse events within PTT networks and platforms.
- Identify specific security weaknesses on target systems.
- Ensure all systems logs are properly captured.
- Utilize vulnerability assessment to identify unauthorized access points.
- Monitor, prevent, detect, respond, report, and correct unauthorized release of GSA data.
- Support the Assessment and Authorization (A&A) process for the PTT systems.
- Support Plan of Actions and Milestones (POA&M) findings and develop and implement remediation.
- Provide continuous operation and support for the SCIF.
- Experience with tools such as CrowdStrike, Microsoft Sentinel, Azure Monitor, Qualys, Splunk, and Microsoft Azure platform.
- Experience to quickly diagnose, respond to, and mitigate security incidents.

Years of Experience:

Minimum of ten (10) years' experience or equivalent combination of education and training.

Preferred Education/Certification

Bachelor of Science and Applicable Security Certifications such as CISSP, CISA
