Network Security Engineer

Job Description:

XOR Security is currently seeking talented Senior and Mid-level Network Security Engineers to support a federal SOC program. The SOC program provides comprehensive Computer Network Defense and Response support through 24×7×365 monitoring and analysis of potential threat activity targeting the enterprise.  Security Engineers will conduct Operations and Maintenance (O&M) of critical security infrastructure for a 24x7x365 SOC environment.

To support this vital mission, XOR staff are on the forefront of providing Advanced CND Operations, and Security Engineering support to include the development of advanced analytics and countermeasures to protect critical assets from hostile adversaries. To support the integrity, security, and resiliency of critical operations, we are seeking candidates with diverse backgrounds in security engineering and systems administration. The ideal candidate will have a solid understanding of complexities related to Operations and Maintenance (O&M) of critical security infrastructure for a 24x7x365 environment. Additionally, the ideal candidate would be familiar with managing and optimizing Palo Alto next-gen firewalls, FireEye HX/EX and other network security devices.

Please Note:  Currently the program is 100% remote.  Hours of operation are Monday through Friday during core hours and After the government requires return to work for the general population (date is TBD), onsite support will be required with one or more days a week remote.  

Basic Responsibilities:

• The Senior Network Security Engineer/SME will support the full system engineering life-cycle, including requirements analysis, design, development, test, implementation, maintenance, integration, and documentation of SOC infrastructure and SOC tool suite.
• The Senior Network Security Engineer will be installing, configuring, monitoring, and troubleshooting network security solutions and related monitoring tools including L2/L3 network security devices, IDS/IPS, Full packet capture, DLP, Endpoint (AV, DLP, Endpoint Detection & Response), and infrastructure supporting SEIM (Splunk).
• Responsible for supporting LAN/WAN security solutions including creating and maintaining LAN/WAN security standards and design documentation
• Develop and assist with new LAN/WAN security applications and hardware as assigned.
• Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell.
• Strong written and oral communication with the ability to communicate with team members, management and customer.

Required Qualifications:

• Senior Security Engineers require a BS degree Science, Technology, Engineering, Math or related field and 10+ years of prior relevant experience with at least 5 years experience directly supporting or participating in security operations.
• Mid Security Engineers require a BS degree Science, Technology, Engineering, Math or related field and 5+ years of prior relevant experience.
• Expert experience in the design, deployment, and maintenance of tools used to deliver the enterprise security capabilities in Firewalls, VPN Solutions, Web Application Firewalls, and Full Packet Capture solution.
• Strong proficiency in report writing and briefing senior management
• Excellent organizational and attention to details in tracking activities within various Security Operation and trouble ticket workflows.
• A working knowledge of the various operating systems (e.g. Windows, OS X, Linux, etc.) commonly deployed in enterprise networks, a conceptual understanding of Windows Active Directory is also required, and a working knowledge of network communications and routing protocols (e.g. TCP, UDP, ICMP, BGP, MPLS, etc.) and common internet applications and standards (e.g. SMTP, DNS, DHCP, SQL, HTTP, HTTPS, etc.).
• Experience with the identification and implementation of countermeasures or mitigating controls for deployment and implementation in the enterprise network environment.

Desired Qualifications:

• Detailed knowledge of key cyber technologies such as RSA Security Analytics (Netwitness), Splunk, Sourcefire, DLP, EDR, AV, strong networking skills, Storage Area Network, and IPv6
• Ability to learn and support new systems and applications
• Redhat, Cisco or Microsoft, Security+, or Network+ certifications
• Cisco Hardware and Storage
• Expertise in Networking, Linux and Windows

Closing Statement:

XOR Security offers a very competitive benefits package including health insurance coverage from the first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.

XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.

Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP and PUBLIC TRUST CLEARANCE REQUIRED