Security Engineer

VariQ

(United States)

Full Time

Job Posting Details

About VariQ

VariQ is an information security and information technology services company delivering strategic solutions to technology-enabled enterprises. Core competencies include Cyber Security, IT Infrastructure support, and Program Management. VariQ is a Microsoft Gold Partner and a Symantec Platinum Partner.

Summary

VariQ is looking for a Security Engineer to support the Bureau of Engraving & Printing (BEP) within the Department of the Treasury in Washington, DC. Project duration is for a period of 1 year, with 4 option years.

Responsibilities

* Administer, tune, and optimize BEP's Security Information and Event Management (SIEM) tool and associated event feed systems, devices, and processes.

* Assist in the design, testing, deployment, and day to day operations of enterprise cyber security solutions and devices such as Firewalls, Secure File Transfer, Network and Host - based Intrusion Detection/Prevention (IDS/IPS) products, Asset Discovery and Scanning systems.

* Provide IT Security Operations Support which includes: vulnerability and patch management processes; hardware and software asset inventory discovery and scan systems and processes; and configuration processes.

* Security Device and product monitoring, detection, and analysis.

* Cyber Threat Intel gathering - providing up to date knowledge on emerging cyber threats and mitigation techniques.

* Incident Response duties as required.

* Develop and implement a Continuous Monitoring system and processes.

* Technical documentation development, such as Standard Operating Procedures (SOPs), Design recommendations, product test and evaluations metrics, other cyber security technical documentation as needed/required.

Administer, tune, and optimize BEP's Security Information and Event Management (SIEM) tool and associated event feed systems, devices, and processes.
Assist in the design, testing, deployment, and day to day operations of enterprise cyber security solutions and devices such as Firewalls, Secure File Transfer, Network and Host - based Intrusion Detection/Prevention (IDS/IPS) products, Asset Discovery and Scanning systems.
Provide IT Security Operations Support which includes: vulnerability and patch management processes; hardware and software asset inventory discovery and scan systems and processes; and configuration processes.
Security Device and product monitoring, detection, and analysis.
Cyber Threat Intel gathering - providing up to date knowledge on emerging cyber threats and mitigation techniques.
Incident Response duties as required.
Develop and implement a Continuous Monitoring system and processes.
Technical documentation development, such as Standard Operating Procedures (SOPs), Design recommendations, product test and evaluations metrics, other cyber security technical documentation as needed/required.

Ideal Candidate

* Previous work and/or other hands-on experience in a large cyber-security operations and engineering environment.

* Previous hands - on experience, for a bare minimum of two years, in the design, configuration, administration, tuning and optimization of the following devices:

* SIEMs - ArcSight and QRadar strongly preferred.

* Vulnerability Scanning and large enterprise Asset Discovery products - Tenable PVS/Nessus strongly preferred.

* Patch Management and Patch Management products/solutions

* Network and Host-based Intrusion Detection/Prevention (IDS/IPS) products - McAfee IDS/IPS and HBSS, Symantec SEP, Sourcefire strongly preferred.

* Enterprise Firewalls, State-full Inspection and Applications aware/based - Cisco ASA, Palo Alto/others strongly preferred.

* Typical Windows Servers, Linux/Red-Hat Servers - build from ground up, configure, administer, maintain.

* Packet Analysis, Network sniffers and other test and discovery equipment and products

* Must have a strong understanding of the OSI Seven-Layer model, and associated ports, protocols, and services and how they are used and also how they can be exploited.

* Must have a strong understanding of and experience with packet analysis.

* Needs to have a solid understanding of common operating systems, applications, network devices (routers, switches, etc.) and routing and switching protocols.

* Work knowledge evaluating contingency plans, configuration management plans, security configuration checklists, STIGs and IAVAs, and other direction and guidance.

* And understanding of malware is required and malware reverse engineering skills are highly desirable.

Previous work and/or other hands-on experience in a large cyber-security operations and engineering environment.
Previous hands - on experience, for a bare minimum of two years, in the design, configuration, administration, tuning and optimization of the following devices:
SIEMs - ArcSight and QRadar strongly preferred.
Vulnerability Scanning and large enterprise Asset Discovery products - Tenable PVS/Nessus strongly preferred.
Patch Management and Patch Management products/solutions
Network and Host-based Intrusion Detection/Prevention (IDS/IPS) products - McAfee IDS/IPS and HBSS, Symantec SEP, Sourcefire strongly preferred.
Enterprise Firewalls, State-full Inspection and Applications aware/based - Cisco ASA, Palo Alto/others strongly preferred.
Typical Windows Servers, Linux/Red-Hat Servers - build from ground up, configure, administer, maintain.
Packet Analysis, Network sniffers and other test and discovery equipment and products
Must have a strong understanding of the OSI Seven-Layer model, and associated ports, protocols, and services and how they are used and also how they can be exploited.
Must have a strong understanding of and experience with packet analysis.
Needs to have a solid understanding of common operating systems, applications, network devices (routers, switches, etc.) and routing and switching protocols.
Work knowledge evaluating contingency plans, configuration management plans, security configuration checklists, STIGs and IAVAs, and other direction and guidance.
And understanding of malware is required and malware reverse engineering skills are highly desirable.