Cybersecurity Engineer
Washington, District of Columbia, United States
phia LLC
At phia, trust us to solve the complex challenges of our connected world through top-tier cyber intelligence & threat hunting. Contact us.OVERVIEW: Are you looking for an ambitious new work environment to test & enhance your skills? Have you ever wanted to work for a company where you felt like part of a family? Are you interested in joining an amazing technical team?
phia, LLC is seeking a highly skilled Cybersecurity Engineer to join our team of qualified, diverse individuals supporting the U.S. Department of Energy (DOE). DOE is responsible for the protection of vital national security information and technologies, representing intellectual property of incalculable value throughout nearly thirty sites and laboratories nationwide. This position is located in Washington, D.C. and requires an active DOE Q SCI. Current Pandemic rotating schedule one week onsite; two weeks offsite.
DUTIES:
- Develop derived requirements for Information Assurance Services (Confidentiality, Integrity, Nonrepudiation, and Availability), Basic Information Assurance mechanisms (e.g., Identification, Authentication, Access Control, Accountability) and Security Mechanism Technology (Passwords, cryptography, discretionary access control, mandatory access control, hashing, key management, etc.).
- Code and work API integration using python, Java, etc.
- Apply a broad understanding of monitoring, analyzing, detecting, and responding to cyber events and incidents within information systems and networks.
- Manage system requirements and derived requirements to ensure the delivery of production systems that are secure and compatible with the defined system architectures.
- Work with a variety cyber defense and IT tools such as: Splunk, ElasticSearch, MISP, FireEye, Cisco Sourcefire, Palo Alto firewalls, Tanium, Snort, Bro, SolarWinds, Apache NiFi, and RedSeal.
- Advise on an integrated, dynamic cyber defense and leverages cyber security solutions to deliver cyber security operational services such as: intrusion detection and prevention (IDPS), situational awareness of network intrusions, security events and data spillage and incident response (IR) actions.
- Test, implement, deploy, and operate, the infrastructure hardware and software which are required to effectively manage the organization’s cyber security operational services.
- Install operate maintain cybersecurity systems, tools, and integrate data from sources.
- Apply/integrate cybersecurity engineering principles into infrastructure planning, design, and deployment.
- Lead or participate in an Integrated Product Team review to ensure security architecture integration.
- Generate alternative system concepts, physical architectures, security architectures and design solutions.
Requirements
REQUIRED QUALIFICATIONS:
- BA/BS in Computer Science, Information Technology, Information Security, or a related field or equivalent experience (two years of experience for each year of schooling).
- 6-12+ years of experience working in the areas of IT, systems administration, engineering, architecture, cyber, intelligence, information security, hunt, cyber operations, network forensics, insider threat, etc.
- Active Top Secret or Q clearance with an investigation within the last 5 years (sponsorship opportunities available for highly qualified candidates)
- Experience with coding in python, PowerShell, shell scripting, RESTful API, etc.
- Possess engineering and architecture skills to make efficient advisement for systems requirements.
- Experience providing full system’s lifecycle (design, testing, implementation, operations, maintenance and disposal) support for commercial and open-source tools
- Excellent knowledge of a wide variety of security solutions and technologies, including Linux, network architecture/implementation/configuration experience, firewall technologies, proxy technologies, anti-virus, spam and spyware solutions (gateway and SaaS), malware/security experience
- Must be highly motivated with the ability to self-start, prioritize assignments, and work in a collaborative team environment
PREFERRED QUALIFICATIONS:
- CERTIFICATIONS: one or more preferred – GCIH, GCFE, RHCE, CPTE, or CEH.
- MA/MS in computer science, information security, or a related field or equivalent experience.
- Preferred background with knowledge in incident response with experience in threat analysis.
- Knowledge and understanding of the MITRE ATT&CK framework with associated tactics, techniques and tools for attack method types and their usage in targeted attacks such as phishing, malware implantation, perimeter vulnerabilities, application vulnerabilities, lateral movement, etc.
WORK SCHEDULE: Core Hours (8am-5pm; start/end time flexible)
WORK LOCATION: Washington, D.C.
TRAVEL: < 5%
TELEWORK ELIGIBILITY: Pandemic rotating schedule one week onsite; two weeks offsite; normal operations ad-hoc with approval
SECURITY REQUIREMENTS: DOE Q Clearance / DoD Top Secret; Current SCI required. Must have had a valid investigation within last 5 years
Benefits
COMPANY OVERVIEW:
phia LLC ("phia") is a Northern Virginia based, 8a certified small business established in 2011 with focus in Cyber Intelligence, Cyber Security/Defense, Intrusion Analysis & Incident Response, Cyber Architecture & Capability Analysis, Cyber Policy & Strategy, Information Assurance/Security, Compliance, Certification & Accreditation, Communications Security, Traditional Security, and Facilities Security. phia also provides cyber operations support functions such as: Program and Process Management, Engineering, Development, and Systems Administration that allows for Cyber Operations to efficiently integrate our customer’s missions and objectives. phia supports various agencies and offices within the Department of Defense (DoD), Federal government, and private/commercial entities.
phia offers excellent benefits for full time W2 candidates to enhance the work-life balance, these include the following:
- Medical Insurance
- Dental Insurance
- Vision Insurance
- Life Insurance
- Short Term & Long-Term Disability
- 401k Retirement Savings Plan with Company Match
- Paid Holidays
- Paid Time Off (PTO)
- Tuition and Professional Development Assistance
- Flex Spending Accounts (FSA)
- Parking Reimbursement
- Monthly Payroll
Tags: APIs C CEH Clearance Compliance Computer Science Cryptography Cyber defense DoD Elasticsearch Firewalls Forensics GCIH Hashing Incident response Intrusion detection Java Linux Malware MISP MITRE ATT&CK Monitoring PowerShell Python SaaS Scripting Snort Sourcefire Splunk Strategy Top Secret Vulnerabilities
Perks/benefits: 401(k) matching Career development Flex hours Flex vacation Health care Insurance Startup environment Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs