Reston Consulting Group
Senior Security Engineer - Clearable
Reston Consulting Group, Washington, District of Columbia, us, 20022
RCG is a growing federal contracting company and Certified as a Great Place to Work. We are looking for strongly qualified people to help support our clients. We are currently seeking a
Senior
Security Engineer
for a full-time position as part of an ongoing contract in Washington, DC.Please note: Due to the secure nature of this government agency, all candidates must be U.S. citizens and be eligible for a SECRET CLEARANCE. This is a Hybrid position with three (3) days on site and two (2) telework days after 30-60 days on site.The successful candidate will receive a contingent offer based on the outcome of a government background check. This will take several weeks, and the candidate cannot begin actual employment until the background check is successfully completed.Summary:The Sr. Security Engineer Position will design, develop, and implement comprehensive solutions including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specialize in local and enterprise-level incident response. The Sr. Security Engineer will perform multiple assigned technical tasks related to system and data security including audits, risk analysis, investigations, and mitigation of cyber risks and threats.Duties and Responsibilities:Provide real-time monitoring and situational awareness of security events and first-tier incident response and escalation to the ESOC per incident response policy and procedures.Manage and maintain a domain of OS-related tools. Tasks include user management, Windows/Linux patching and updates, Database management, Tenable Security Center, Cloudflare, etc.Deploy, maintain, and enhance existing Data Loss Prevention (DLP) capability and services to support active blocking of Personally Identifiable Information (PII) according to OS policy.Manage and monitor organization web application activities and enforce Web Security best practices.Design, manage and work with various security vendors and stakeholders to implement security infrastructure, including firewalls, antivirus solutions, intrusion detection/prevention systems, and other security appliances and software.Conduct regular vulnerability scans, assessments of supported systems and collaborate with the ISSO and vendors to remediate identified vulnerabilities.Perform end-user device threat containment and access control enforcing security policies and restrictions using network security technology.Evaluate and deploy security tools and technologies to enhance security posture.Maintain enterprise dashboards to provide situational awareness of cyber threats, events, and incidents to enable priority-based resourcing decisions.Experience with CRIBL and collaborate with stakeholders to forward log data from firewalls, packet capture, web proxy services, network flow analysis, intrusion detection, and malware analysis tools to ESOC.Required Qualifications:Bachelor’s degree in information technology or related field.Minimal of 7+ years of experience in the development and maintenance of security posture and incident response.Must have the ability to obtain a Secret ClearanceExperience in the following Security Technologies:
Sentinel OneSplunkEndpoint ManagementIdentity and Access ManagementIntrusion Detection and PreventionPatch Management (Windows and Unix)EDR (Endpoint detection and response)Web Security / Web Content FilteringVulnerability Scanning and Assessment ToolsFirewall and VPNSecure Email and Email FilteringSynack
Fluent in the English language, ability to problem solve with a sense of urgency, and the ability to work in a fast-paced environmentCertifications:Security +ITILv4Physical Demands:
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.RCG, Inc. does not discriminate against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibits discrimination against all individuals based on their race, color, religion, sex, sexual orientation/gender identity, or national origin.
#J-18808-Ljbffr
Senior
Security Engineer
for a full-time position as part of an ongoing contract in Washington, DC.Please note: Due to the secure nature of this government agency, all candidates must be U.S. citizens and be eligible for a SECRET CLEARANCE. This is a Hybrid position with three (3) days on site and two (2) telework days after 30-60 days on site.The successful candidate will receive a contingent offer based on the outcome of a government background check. This will take several weeks, and the candidate cannot begin actual employment until the background check is successfully completed.Summary:The Sr. Security Engineer Position will design, develop, and implement comprehensive solutions including computer security, scalable architectures, advanced analytics, artificial intelligence, and network/data center operations. Specialize in local and enterprise-level incident response. The Sr. Security Engineer will perform multiple assigned technical tasks related to system and data security including audits, risk analysis, investigations, and mitigation of cyber risks and threats.Duties and Responsibilities:Provide real-time monitoring and situational awareness of security events and first-tier incident response and escalation to the ESOC per incident response policy and procedures.Manage and maintain a domain of OS-related tools. Tasks include user management, Windows/Linux patching and updates, Database management, Tenable Security Center, Cloudflare, etc.Deploy, maintain, and enhance existing Data Loss Prevention (DLP) capability and services to support active blocking of Personally Identifiable Information (PII) according to OS policy.Manage and monitor organization web application activities and enforce Web Security best practices.Design, manage and work with various security vendors and stakeholders to implement security infrastructure, including firewalls, antivirus solutions, intrusion detection/prevention systems, and other security appliances and software.Conduct regular vulnerability scans, assessments of supported systems and collaborate with the ISSO and vendors to remediate identified vulnerabilities.Perform end-user device threat containment and access control enforcing security policies and restrictions using network security technology.Evaluate and deploy security tools and technologies to enhance security posture.Maintain enterprise dashboards to provide situational awareness of cyber threats, events, and incidents to enable priority-based resourcing decisions.Experience with CRIBL and collaborate with stakeholders to forward log data from firewalls, packet capture, web proxy services, network flow analysis, intrusion detection, and malware analysis tools to ESOC.Required Qualifications:Bachelor’s degree in information technology or related field.Minimal of 7+ years of experience in the development and maintenance of security posture and incident response.Must have the ability to obtain a Secret ClearanceExperience in the following Security Technologies:
Sentinel OneSplunkEndpoint ManagementIdentity and Access ManagementIntrusion Detection and PreventionPatch Management (Windows and Unix)EDR (Endpoint detection and response)Web Security / Web Content FilteringVulnerability Scanning and Assessment ToolsFirewall and VPNSecure Email and Email FilteringSynack
Fluent in the English language, ability to problem solve with a sense of urgency, and the ability to work in a fast-paced environmentCertifications:Security +ITILv4Physical Demands:
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.RCG, Inc. does not discriminate against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibits discrimination against all individuals based on their race, color, religion, sex, sexual orientation/gender identity, or national origin.
#J-18808-Ljbffr