MAXISIQ is seeking a System Security Engineer, who enjoys security work and possesses both deep and wide expertise in the security space. You will work as part of dynamic team keeping computer systems and network devices hardened against attacks and securing information systems. Qualified candidates will have a background in security and systems engineering. This is a full-time, onsite, day role, supporting operations in Lorton, VA.
What You Will Be Doing
- Engineer, implement and monitor security measures for the protection of computer systems and networks
- Work closely with the ISSO, systems and network engineering teams to maintain architecture security posture
- Research and investigate vulnerabilities and their impact to the system
- Remediate and harden Windows and Linux virtual machines
- Work with systems and network engineering teams to build asset repositories and asset scan policies
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Implement tools to assist in detection, prevention and analysis of security threats
- Manage a comprehensive scanning strategy to identify vulnerabilities and confirm remediation
- Work with and configure a variety of security tools such as Anti-Virus, IDS/IPS, SIEM technologies.
- Automate security testing
- Provide certification and accreditation support and RMF based continuous monitoring support
- Configure and execute Nessus vulnerability and compliance scans
- Configure and manage Trellix ePolicy Orchestrator
- Ensure traceability of all vulnerabilities from raw assessment results to a system POA&M
- Conduct vulnerability analysis to support mitigation and residual risk determination
- Provide guidance and recommendations for continuous monitoring technologies, leveraging current available technologies and recommending solutions to address gaps
Required Experience
- Minimum of 6 years of related experience
- Proven work experience as a system security engineer or information security engineer
- Experience in Windows and Linux operating system environments and scripting skills
- Familiarity with network specific security toolsets, Suricata, iptables, Zeek, etc..
- Experience working with DISA Security Technical Implementation Guides (STIGs)
- Experience building and executing Nessus scans
- Experience working with Tenable’s Security Center
- Experience working with ePolicy Orchestrator
- Possess working knowledge of the DoD CS policy requirements set forth in DoDI 8500.01, “Cybersecurity,” and DoDI 8510.01, “Risk Management Framework (RMF) for DoD Information Technology”
- Thorough understanding of the latest security principles, techniques, and protocols
- Strong organizational skills and an ability to stay focused while managing multiple tasks concurrently
- Problem solving skills and ability to work under pressure
- Detailed oriented
Clearance
- Top Secret/Sensitive Compartmented Information (TS/SCI) clearance required
All your information will be kept confidential according to EEO guidelines.
#CJ
We are an Equal Opportunity Employer that considers all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or any other protected class.
