Information Security Engineer

Summary of Position:

The Information Security Engineer provides hands-on technical solutions to complex and detailed information security problems. This position provides technical leadership, design, installation, operation, service, and maintenance of a variety of information security systems. This individual ensures the proper deployment and management of solutions that support information security including virus detection, malware detection, intrusion detection and prevention systems, firewalls, data partitioning and masking, and other security solutions.

 Position Duties and Responsibilities:

·         Serve as the principle IT engineer for design and implementation of cyber security tools that protect and monitors various IT infrastructures.

·         Deploy and manage solutions that support the full information security environment including tools such as virus detection, malware detection, intrusion detection and prevention systems, and other network and information security tools.

·         Actively coordinate with the Corporate Security Team and Technology Center staff to provide required IT security and monitoring capabilities.

·         Manage the design, development, and deployment of IT solutions providing security engineering expertise and guidance. Define and coordinate security requirements within the various stages of the project development process.

·         Lead and support technical design, engineering, and implementation of emerging security technology. Evaluate, recommend, and integrate new security technology and tools by conducting feasibility studies, proof of concepts, pilot projects, and other research and development initiatives.

·         Research and evaluate current and emerging security technologies to support organizational cyber security objectives.

·         Maintain advanced understanding of the strengths and weaknesses of various security tools.

·         Evaluate vendor solutions against business requirements and provide recommendations to management.

·         Provide subject matter expertise and guidance in the development of cyber security policy and practices.

·         Apply knowledge of latest cyber security industry trends, technology tools and practices, and security threats to define cyber security processes and standards.

·         Conduct self-assessments of security processes, security tools, networks, and systems.

·         Identify weak controls and communicate vulnerabilities to Corporate Security and management.

·         Participate with Corporate Security in incident response and forensic analysis.

·         Provide training sessions and guidance to Infrastructure Team members and other Technology Center staff to ensure understanding of evolving information security environment.

·          Provide accurate and thorough documentation of processes and procedures to ensure compliance and enable coverage during outages.

·         Perform other duties as assigned. Job Requirements

Education:

·         Bachelor's degree in Computer Science, Management Information Systems, Engineering, Computer Security, Information Assurance or related field is required.

·         Advanced degree and additional DoD Information Security certification (GSLC, CISM, GSNA) is a plus.

Experience:

·         Minimum of 5 years strong experience in Information Technology Security and related technology.

·          Government or government contracting industry experience is a plus.

Skills:

·         Experience within multiple of the following areas required: computer networking, cloud and virtual machine environments, PKI, security engineering and architecture, programming, vulnerability assessments, or operating systems.

·         Administration expertise with correlation and analysis of security and event log data, IDS/IPS, vulnerability scanners, endpoint protection, SSL Decryption, Data Loss Prevention, penetration testing and protocol collection and analysis tools.

·         Security focused Administration of AWS, Windows, and Unix systems, network devices, proxy servers web server, virtualization, firewall, and DNS.

·         Experience with programming and scripting languages and text manipulation tools.

·         Strong troubleshooting skills in complex communication and network environments. 

·         Strong communication skills a MUST.

·         Working knowledge of government security standards (eg, HIPAA, Risk Management Framework, NIST 800-171, DISA STIGs, DSS ODAA Process Manual, FISMA, Fed-Ramp).

 

 

Other:

·         Ability to lift 30 lbs. (eg, computer equipment), walk (to end user stations) and bend (to install and connect equipment).

·          Must have the ability to obtain and maintain an active Security+ CE certification.

​

Company Description

Our vision: Every family in the United States has access to a high-quality, affordable child care system. The child care system supports children's growth, development, and educational advancement and creates positive economic impact for families and communities.

Our Mission: We advance a child care system that effectively serves all children and families.
Our work is strengthened by a national network of child care resource and referral agencies and diverse members and partners

Work location: Arlington, VA