Senior Security Engineer - Remote

Alexandria, VA

Job Description: 

XOR Security is currently seeking a talented Senior Security Engineer for a Federal Agency Security Operations Center (SOC). The project aims to establish cutting-edge network defense techniques and capabilities backed by an optimized toolset.

This effort will require a skilled engineer with leadership and hands-on technical experience designing, implementing, and maintaining enterprise SOC tools.  The candidate will be expected to have familiarity performing analysis on the operational network and to be able to deliver recommendations on network segmentation and architectural improvements.  The candidate will also ensure existing network infrastructure and configuration standards are adhered to when delivering projects.  The candidate should be able to coordinate engineering and analysis efforts between network, incident response and management teams. The candidate must have a strong understanding of networking, analysis and system administration at an operating system and application level, as well as experience with cloud architecture.   

Corporate duties such as solution/proposal development, corporate culture development, mentoring employees, and supporting recruiting efforts will also be required.

Position is contingent on successfully completing a program-based background investigation. 

Position Roles and Responsibilities: 

  • Support a SOC engineering team for a 24x7x365 program (core hours with on-call as needed). 
  • Provide hands-on engineering support to install, configure, monitor, and troubleshoot network security solutions and related monitoring tools, including L2/L3 network devices, Network Admission Control (NAC), 802.1X, firewalls, IDS/IPS, VPN solutions, Web Application Firewalls, content filtering, and NetFlow analysis. 
  • Deploy and maintain security infrastructure in both development and production environments. 
  • Provide technical consulting for enterprise security architecture. 
  • Evaluate new technologies and processes that enhance security capabilities. 
  • Test security solutions using industry standard analysis criteria and deliver findings reports with Analysis of Alternatives. 
  • Develop network architectures, diagrams, and security plans, and support information assurance efforts. 
  • Troubleshoot problems and provide customer support (core hours and on-call) for software, operating systems, middleware and application issues. 
  • Design and stand up security tools, components, applications, and servers that meet production specifications and project schedules. 
  • Participate in and lead large system and subsystem planning and integration projects. 
  • Write and update technical documentation such as user manuals, system documentation, and training materials. 
  • Identify solutions to potential network issues, favoring network simplification and strengthened security. 
  • Lead problem management and root cause analysis discussions with fellow network engineers, security engineers and analysts. 
  • Support the Security Impact Analysis (SIA), an analysis that is conducted by the security team to review the extent to which changes to the information system will affect the security state of the system. 

Required Qualifications:  

  • For Senior Engineer:  Minimum 7 years of experience with network systems engineering, systems development, and security engineering. 
  • Bachelor’s Degree in Computer Science, Computer Engineering, Information Systems or equivalent experience. 
  • Secret Clearance or above. 
  • Strong working knowledge of Security Services, Networking, Security Policy and Consulting.  
  • Advanced working knowledge of encryption algorithms, secure communications, SIEM technologies, embedded systems security; advanced working knowledge of network and data communication protocols.  
  • Familiarity with the standard concepts, practices, and procedures of the field, including NIST guidance, FISMA, and Common Criteria regulations and standards. 
  • Experience with network-based IDS/IPS technologies and their modes of operation. 
  • Experience responding to information security issues at each stage of a project's lifecycle, including overseeing changes in software, hardware, facilities, telecommunications, and user needs; strong interpersonal, written, and oral communication skills for working with customers and team members; strong diagnosis and troubleshooting skills; the ability to solve complex technical problems; and the ability to learn and support new systems and applications. 
  • Experience administering the hardware, software, operating system, and application components of various isolated network environments, including Windows workstations/servers, Linux/Unix servers, macOS, Dell hardware, and security applications. 
  • Strong background in network engineering and systems administration with the ability to maintain systems with 99% uptime requirements (including on-call and weekend support if required). 
  • Experience with the configuration and installation of log management solutions, dynamic/static malware analysis systems, enterprise honeynet technologies, and network/host-based security applications and appliances. 
  • Experience with deployment and documentation of enterprise project management and change management processes. 
  • Experience with the configuration, installation (including hardware deployment), or O&M of one or more of the following technologies: network threat hunting, log management, CrowdStrike Endpoint Detection and Response (EDR), QRadar SIEM, workflow and ticketing systems, Intrusion Detection/Prevention Systems, Storage Area Network (SAN) platforms, *NIX/Windows operating systems, and virtual and cloud computing (VMware, Azure, AWS). 
  • Draft technical requirements, configuration management, and planning documentation. 

Desired Qualifications: 

  • Experience with Docker (managing containers, networking containers, container orchestration). 
  • Automation experience supporting CI/CD pipelines (tools such as Ansible, Chef, Puppet). 
  • Strong Linux background. 
  • Understanding of command-line scripting and implementation (e.g., Python, PowerShell). 
  • Strong understanding of networking. (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS). 
  • Ability to perform NetFlow / packet capture (PCAP) analysis. 
  • One or more of the following certifications: CISSP, CISSP-ISSEP, Security+, Network+, GCUX, GCLD, GPCS, GCSA, GWEB, GDSA, GCED, GCDA, GCWN, GSEC, AWS Certified Cloud Practitioner, AWS Certified Solutions Architect – Associate, AWS Certified Developer – Associate, AWS Certified SysOps Administrator – Associate, AWS Certified Advanced Networking – Specialty, AWS Certified Solutions Architect – Professional, AWS Certified Data Analytics – Specialty, AWS Certified Machine Learning – Specialty, AWS Certified DevOps Engineer – Professional, AWS Certified Security – Specialty, Microsoft Certified: Azure Fundamentals, Microsoft Certified: Azure Administrator Associate, Microsoft Certified: Azure Solutions Architect Expert, Microsoft Certified: Azure Developer Associate, Microsoft Certified: Azure Security Engineer Associate, Microsoft Certified: Azure Data Scientist Associate, Microsoft Certified: Azure Data Engineer Associate, Microsoft Certified: DevOps Engineer Expert 

Closing Statement: 

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits. 

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V. 

Citizenship Clearance Requirement 
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and PUBLIC TRUST CLEARANCE REQUIRED. 

Regions: Remote/Anywhere North America
Country: United States