Abacus Technology is seeking a Cyber Security Engineer to provide security design, planning, architecture, Information Assurance (IA), Certification and Accreditation, and security engineering for IT enterprise networks, software development, and hardware. This is a full-time position.
DULUTH EIT SERVICES: Abacus Technology is hiring immediately for a recently-awarded large, long-term program. Full Scope Polygraph is required. Abacus has been selected as a subcontractor to provide regional enterprise IT services and devices to the end-user workforce of a large Government agency located across the Northeastern United States. IT Services include campus area networks and local area networks supporting end user desktop/laptop/tablet, phone, printers, copiers, and wireless devices. DULUTH interacts with a Global Service Desk and provides data and status for regional enterprise services.
Identify security requirements for the proper handling of data. Assist architects and system developers in identifying and implementing appropriate information security. Provide PMO interface to customer organization. Provide guidance to development and operational efforts regarding IA functions, particularly focusing strategic planning, infrastructure protection, and defensive strategy. Contribute to cyber security planning, assessment, risk analysis, risk management, certification, and awareness activities for systems and networking operations. Monitor and suggest improvements to policy. Lead projects. Plan, draft, and present trade studies, cost benefit analyses, reports and briefings as required. Conduct Cyber Threat Assessments (CTA) using a developed methodology and framework.
8+ years experience in network engineering with a focus on cyber security. Bachelor's degree in a related field or 5 additional years of experience in lieu of a degree. Must be Security+ certified and Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP) certified. Demonstrated experience in cyber security includes practices/methodologies, associated technologies, application design, and/or experience in an operational environment. Working knowledge of vulnerability assessments, system security design process, defense-in-depth/breadth, engineering life cycle, information domains, cross domain solutions, identification, authentication, and authorization, system integration, DCID 6/3, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, C&A process, principles of IA, and security testing. Experience installing, configuring, and operating network intrusion tools. Experience with monitoring intrusion detection and security information management systems to detect malicious activity on a network. Demonstrated experience with performing threat and security analysis of vulnerability advisories, network penetration techniques and military intelligence threat reports using certified automated tools. Strong understanding of security design and architecture. Able to work collaboratively across traditional engineering disciplines. Must have “hands-on” technical experience in the following areas: Linux system administration; VMware; operating system hardening; and Certification and Accreditation (ICD503 preferred). Comfortable applying knowledge of current IA policies and technologies as a contributor to the architecture and design of secure solutions to customer needs and requirements. Must be able to learn on the job and demonstrate good analytical skills. Must be a US citizen and hold an active/current TS/SCI with Full Scope Polygraph.
Applicants selected will be subject to a U.S. government security investigation and/or polygraph examination and must meet eligibility requirements for access to classified information.