Security Engineer Job at TEKsystems in Durham
TEKsystems, Durham, NC, US
Job Description
3170633
**U.S. Citizens**
Top Three Skills:
1) Vulnerability Management experience
2) Familiarity with setting up and configuring Security Center, Nessus, and Tenable (or even ACAS)
3) Experience running scans and using the reporting to provide corrective action and/or remediation.
4) Secret Clearance
Job Description:
This company was created in the aftermath of 9/11 to deliver rapid-response technical support to the U.S. Federal Government (Army, Navy, Air Force, Marines, DoD, NIS, CIA, FBI). That has expanded to include US State & Local governments, critical infrastructure, and Enterprise customers. They have the capability to support global governments. Part of their mission is being "ready to help all critical services, including financial institutions, healthcare, and others that play a critical role in a peaceful world. Our client strives to contribute to making the world a better place. Every individual here has their own personal stories that fuel our collective passion in this area."
There are multiple teams. For example, FTS (Focal Technical Support) provides the engineers that monitor and maintain the health of their customers' networks. The Splunk administrator will work on the IT Operations Team. This team is responsible for taking care of the internal needs from an IT standpoint within the organization. They are the IT team that keeps them working. The group continues to grow their client base and, as they do, the services that they provide grow and mature as well. The Ops team must also create new service offerings to support those needs.
The security analyst needs to have vulnerability management experience performing security scans in the environment. Experience with Security Center, Tenable or Nessus is required. ACAS experience and/or experience with one of the above technologies will allow the candidate to be successful in this role. The security analyst will have experience assisting with vulnerability management by configuring scans and running them against policies. He/she will look at the scan reports, identify the critical findings, and then take necessary action for remediation.
Scans need to be run on all devices: servers, databases, and web applications.
Day-to-Day:
Look at authentication issues, where plugins have to be authenticated, reported, and evaluated. Were all these actual failures? Identify and fix if able. If not, escalate to the T3/T4 engineers.
Look over critical findings for trends and create an analysis report that can show what has been remediated and what still needs to be addressed. Direct these to the team and if they cannot be remediated, add them to the POAM.
This team has an audit coming up, and the successful configuration and management of the scans is a critical function.
This environment is extremely regulated, so certain data must be locked down. Due to that, they can't use the regular level of support that other teams use.