Cyber Network Engineer
Columbia, MD 21029
1.1.1. General Qualifications
Must meet all qualifications of the lower-level cyber network engineer and must be able to support the additional tasks listed below.
Must understand malware and the commercial products that permit interdiction of malware.
Must be able to integrate antimalware software with other commercial hardware and software products.
Must be familiar with McAfee's suite of anti-malware products, such as HBSS, GTI, ATD, and ePO, and be able to integrate, operate, maintain, and sustain each.
B.S. in Computer Science, Cybersecurity, Software Engineering, or other Engineering discipline from an accredited college or university.
Four years of programming experience
Four years of analysis experience
Four years of experience with insider threat analysis software and techniques.
Three years of experience with network operations and analysis.
Three years of experience with cybersecurity operations, tools, and techniques.
Four years of experience with TCP/IP fundamentals.
Four years of experience with Windows Operating Systems administration.
Two years of experience with application servers.
Two years of experience with virtualization technology
* Administration of Linux/UNIX systems, network, web server, firewall, and DNS
* IDS/IPS, NetFlow, and protocol collection and analysis tools
* Working knowledge of TCP/IP or OSI network protocol stack, including major protocols such as IP, ICMP, TCP, UDP, SMTP, HTTP, and SSH.
* Working knowledge of popular cryptography algorithms and protocols such as RSA, SHA, Kerberos, and SSL/TLS
* Experience with log aggregation and SIEM tools
* Experience with vulnerability assessment and penetration testing tools
* Experience with programming and scripting languages and text manipulation tools
Expert experience with all aspects of Cyber Security and a variety of IT systems involving end users/enterprise level networks
Experience with designing and implementing systems that meet agency Cyber Security policies
Experienced with NIST and FISMA security requirements and compliance standards
Experienced with Security Vulnerability Scanning Tools
Familiarity with networking concepts to include routers, firewalls, switches, load balancers, ports and protocols.
Experience working in a multi-discipline Engineering environment
Familiarity with RSA enVision, Security Analytics or HP ArcSight
Understanding of virtual technologies (i.e., VMware)
Familiarity with Public Key Infrastructure and Identity Management
Experience with interface definition/documentation
Experience using Microsoft Office tools (Word, Excel and PowerPoint)
Experience with engineering tools or processes
Familiarity with database concepts (Microsoft SQL, Oracle, MySQL, etc.)
Experience with scripting languages (bash, Perl, etc.)
* Deep knowledge of Active Directory.
* Suggested 3+ years of experience with engineering, architecting, and deploying enterprise-wide Microsoft Active Directory technologies.
* Intermediate-level PowerShell coding experience.
* Intermediate-level Java and SQL development experience.
* Intermediate-level knowledge of privileged account isolation and privilege reduction concepts.
* Experience developing and refining threat-informed defense-in-depth security architectures for IDS/IPS/HIDS, etc.
* Possess basic experience or knowledge of enterprise IAM technology suites, and capabilities including but not limited to: Cloud Security Architecture, Authentication and federation, GPOs, Industry security frameworks, Incident response.
* Operational experience with various security technologies.
* Network communication basics.
* DevOps experience in writing and managing infrastructure as code.
* Understanding of overarching solution functionality and ability to implement new access management solutions.
* Solid foundation in implementation of cybersecurity software for identity, access, or privilege management for initial stand-up.
* Strong knowledge of Windows OS security management and server administration.
* Proven technical skills including knowledge in one or more of the following areas: Networks, Firewalls, Proxy servers, Sniffers; LDAP Directories; Domain controllers; Web servers, Web applications, Syslogs.
* Knowledge of authentication methods (RSA SecurID, smart cards, tokens, RADIUS, LDAP).
* Strong ability to troubleshoot issues and provide resolution.
* Ability and desire to continuously learn and work independently as well as with a team.
* Customer-service-oriented nature.
* Ability to manage time well and meet multiple deadlines in a sometimes dynamic environment.
* Ability to discuss technical concepts and interdependencies of privileged access with other engineers.
Experience gathering high level functional and operational requirements
1.1.3. Job Functions
Assist in integrating McAfee products into client IT ecosystems and infrastructures. This includes integration with products of other vendors to achieve system of system solutions.
Perform operation, maintenance, and sustainment of McAfee products
Ensure all McAfee products and services comply with client process, procedure, and system security requirements.
Assist, as directed, in all activities related to the client's certification and accreditation process.
Implement proper configurations and tune McAfee products based on approved changes.
Support the integration of new sources of cloud malware data into the client's private cloud.
Develop and deliver current, accurate, and complete user instruction and training for McAfee products and services.
Support testing requirements
Conduct development efforts concerning cloud integration, cloud data mining, tools, and scripts.
Support the client's risk management, configuration management, systems engineering, test and evaluation, and life cycle support processes and practices, and provide necessary data and services as directed.
* Apply knowledge of latest cyber security industry trends, technology tools and practices
* Ensure and assist with the proper deployment and management of solutions that support information security including virus detection, malware detection, intrusion detection and prevention systems, firewalls, and other security solutions.
* Identify, evaluate, and implement technical security controls to continuously improve the organization's security posture.
* Timely and accurately deploy and support network-based security configurations and appliances
* Provide accurate and timely support of security tools, network-based security configurations, and appliances
* Monitor/tune intrusion detection, firewall, and vulnerability assessment tools.
* Research and evaluate current or emerging security technologies to support organizational cyber security objectives
* Evaluate, recommend and integrate new security technology and tools by conducting feasibility studies and proof of concepts
* Provide input on security requirements to be included as a part of technology and service procurement activities
* Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals
* Ensures that acquired or developed systems and architectures are consistent with the organization's security architecture guidelines
* Apply knowledge of latest cyber security industry trends, technology tools and practices to define cyber security processes and standards
* Define, develop, and manage cyber security management procedures, policies, standards, design, and support guidelines
* Apply security practices to communication and host-based environments
* Manages cyber security compliance activities and drives improvements where needed.
* Execute and monitor security processes and events timely and in a manner that meets compliance requirements
* Identify weak controls and communicate vulnerabilities to management
* Apply understanding of regulatory standards to demonstrate compliance and subject matter expertise
* Plan and conduct reviews to monitor and evaluate system conformance with organizational security policies, standards and guidelines
* Define and coordinate security requirements within the various stages of the system development process
* Demonstrates strong troubleshooting skills in complex communication environments
* Communicate cross-functionally to gain consensus - works diligently to build an understanding with balanced participation
* Demonstrates strong problem-solving skills - able to reason, think analytically and derive core concepts
* Design and document executable steps to enable consistency and sustainability of actions, with a particular focus on enabling through automation
* Evangelize and influence knowledge workers on the importance of security practices through marketing, education, and training platforms
* Ability to develop, communicate, and coordinate project plans and projects. Strong ability to multi-task and prioritize multiple projects and be a team leader and facilitate brainstorming sessions.
* Evaluates vendor solutions against MISO business requirements
* Understands product lifecycles and provides input for long and short-term planning
* Ability to make timely recommendations to effectively solve problems, using independent
* Operate and troubleshoot VMs in a virtual environment.
* Configuration and management of firewalls, networking and load balancing.
* Deployment automation, monitoring and maintenance of large-scale SaaS services.
* Communication and technical writing skills.
* Work as a team member under the supervision or direction of senior personnel.
* Execute technical solution reviews and pre-deployment checklists.
* Resolve design issues that impact solution functionality.