Cyber Systems Engineer III
Vencore Chantilly, VA
Vencore is a proven provider of information solutions, engineering and analytics for the U.S. Government. With more than 40 years of experience working in the defense, civilian and intelligence communities, Vencore designs, develops and delivers high impact, mission-critical services and solutions to overcome its customers most complex problems.
Headquartered in Chantilly, Virginia, Vencore employs 3,800 engineers, analysts, IT specialists and other professionals who strive to be the best at everything they do.
Vencore is an AA/EEO Employer - Minorities/Women/Veterans/Disabled
The prospective candidate will be responsible for developing and supporting Cybersecurity tools and respective capabilities in defending and protecting the Vencore corporate network.
• Implement, develop and maintain FireEye Hx, Carbon Black Bit9, and McAfee endpoint security tools
• Implement QRadar in a complex network environment and assist security analysts in building operational processes around the QRadar ecosystem
• Develop QRadar content and correlation rules for malware detection
• Configure, troubleshoot and leverage security devices such as Solera Packet Capture, Cisco Sourcefire IPS, Cisco ASA firewalls and FireEye EX/NX
• Performs Computer Security Incident Response activities for a large organization, coordinates with other enterprise IT teams to record and report incidents. Work incidents from cradle to grave.
• Create, modify, and update Sourcefire IDS/IPS and Security Information Management (SIEM) tool rules
• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of security tools
Security Engineer/Analyst will be a proven leader with excellent oral and written communication skills, he/she should also be capable of working with a security team of varying experience levels to effectively monitor and investigate security incidents as well as make recommendations to improve the security posture of a large organization. Independent tasking and project completion with little supervision is a must. A candidate should have some or all of the following traits: Excellent analytical and problem solving skills as well as interpersonal skills to interact with users, team members and senior management; Subject Matter Expert-level skills in Incident Response and Intrusion Monitoring. Candidate must have a strong foundation of Network and Security skills, fundamental knowledge of Windows, Linux and Cisco operating systems, networking protocols and network traffic analysis, and information security; Experience with FireEye, RSAM, EnCase, Yara, OllyDbg, IDA Pro a plus.
Desirable certifications include CISSP, GREM, GCIH, GCIA, CEH, CISM, GCED, GCFA, OSCP
Requires 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD.
Ideally possesses an active TS/SCI clearance or must be able to obtain
Technical certifications are a plus.
This position requires a comprehensive knowledge and mastery of this field and the ability to complete difficult and complex assignments on time within a fast paced environment.
DESIRED SKILLS: Prior experience successfully providing the full range of IT cyber security tasks. Strong working knowledge with industry IT security tools,
VERBAL & WRITTEN COMMUNICATION SKILLS: Investigates, interprets, and responds to technical and/or complex IT security data. Demonstrated ability to work with matrixed resources in a team environment. Possesses strong organizational, time management and diplomacy skills.
COMPUTER SKILLS: Engineering related certifications, extensive experience with IT security tools, working technical knowledge of network, server, storage and desktop hardware and software