Job Description

InquisIT is seeking a Cybersecurity Engineer to join us in Washington, DC. This role will have responsibilities that encompass Security Operations and Engineer skill sets to help secure customer cloud computing, data center, and on-premise environments. The successful candidate will help set up, operate, and manage/maintain a variety of security solutions including vulnerability management, endpoint security, security information and event management, and governance/risk/compliance. The candidate will also help develop and maintain security policy and procedures, perform incident response and business continuity testing, work with the NIST Cybersecurity Framework and CIS Benchmarks, and assist with security audits as needed. At various times, production security operations tasks such as analysis of security issues and responding to security incidents will be required. The successful candidate should be a team player with a dynamic personality that can work effectively with end users and management for resolution of security incidents.

This position is being offered as a hybrid role after an on-site probationary period.

Primary Job Responsibilities:

• Ensures adherence to security standards.
• Acts as the point of contact responsible for the planning, development, test, and implementation of IT security controls.
• Maintains an understanding and documentation of system security baselines.
• Develops and executes information security plans and policies.
• Develop strategies and procedures to respond to, recover, and investigate security breach(es).
• Develop or implement open-source/third-party tools to assist in detection, prevention, and analysis of security threats.
• Installs, configures, and updates firewalls, data encryption, and other security products to facilitate a secure posture.
• Conduct periodic network scans to identify and remediate vulnerabilities.
• Monitor networks and systems for security breaches through the use of software that detects intrusions and anomalous system behavior.
• Penetration testing experience (burp suite).

Experience and Qualifications:

• 9+ years of industry experience in an Information Security function with degree, 12+ years without degree.
• Bachelor’s degree or equivalent experience.
• Experience with Palo Alto (preferred) or Cisco firewall, network security appliance administration, and cloud security.
• Experience with vulnerability scanners and management, preferably Tenable Nessus and Qualys, managing POAMs and Risk Acceptance Memos.
• Possess fundamental knowledge of Windows and Linux (RHEL) operating systems, and the ability to analyze network traffic and security events.
• Demonstrated experience with RMF, A&A, IV&V, and continuous monitoring.
• Demonstrated experience implementing and assessing compliance with security baseline and controls (CIS Benchmark, DISA STIG, NIST 800-53).
• Experience with Log aggregation/SIEM tools such as Splunk or similar.
• Ability to support and provide artifacts for annual audits and ATO review process (FISMA, FISCAM, etc).
• Ability to maintain up-to-date knowledge with modern adversarial techniques and incident response procedures.
• Technical understanding of network operations, server architectures, storage solutions, and desktop hardware and software.
• Demonstrated ability to communicate in a clear, thorough, and timely manner using appropriate and effective tools and techniques with peers, supervisors, and members of senior leadership.
• Demonstrated ability to make decisions by assessing the situation to determine the importance, urgency, and risks, and making clear decisions which are timely and in the best interest of the organization.
• AWS, Azure experience strongly preferred.

Targeted Certifications:

• CISSP
• CISA
• PCNSE

Job Tags

Similar Jobs