Systems Security Engineer/ISSO
| Company | Bowhead |
|---|---|
| Location | Dahlgren, VA, USA |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Mid Level, Senior |
Requirements
- Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Skill in using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
- Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
- Skill in conducting application vulnerability assessments.
- Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
- Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
- Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Skill in applying host/network access controls (e.g., access control list).
- Skill in using Virtual Private Network (VPN) devices and encryption.
- Skill in securing network communications.
- Skill in protecting a network against malware (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
- Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
- Skill in performing impact/risk assessments.
- Skill to develop insights about the context of an organization’s threat environment.
Responsibilities
- Conducting vulnerability scans and recognizing vulnerabilities in security systems.
- Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
- Conducting application vulnerability assessments.
- Identifying systemic security issues based on the analysis of vulnerability and configuration data.
- Sharing meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
- Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution.
- Performing impact/risk assessments.
Preferred Qualifications
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list).
- Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- Knowledge of network traffic analysis methods.
- Knowledge of Virtual Private Network (VPN) security.
- Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi), paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
- Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
- Knowledge of application security risks.