Security Engineer - Analyst I IT Security - (Sterling) in Frederick, Maryland For Sale

DRS Technologies, Inc. DRS Technologies is a leading supplier of integrated products, services and support to military forces, intelligence agencies and prime contractors worldwide. Focused on defense technology, we develop, manufacture and support a broad range of systems for mission critical and military sustainment requirements, as well as homeland security. Headquartered in Arlington, VA, the Company is a wholly owned subsidiary of Finmeccanica SpA which employs more than 70,000 people worldwide. We offer a competitive compensation package and a business culture which rewards performance. For additional information on DRS, please visit our website at www.drs.com. Company Overview DRS Technical Services, Inc. successfully delivers quality systems and services to CONUS and overseas units. Our systems solutions encompass broad data distribution networks and complex telecommunications systems for data, voice and video applications over integrated satellite, terrestrial, and wireless networks. Our proven service history of engineering, installing, operating and maintaining innovative, low-risk, and cost-effective communications resources illustrates our commitment to supporting military, commercial, and relief efforts at home and around the globe. Job Location: Dulles, VA Job Title: Security Engineer / Windows Administrator - Analyst I IT Security Position Summary: Maintain the day-to-day operations of the in-place security solutions while identifying, investigating and resolving security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals. Duties and Responsibilities Maintain the day-to-day operations of the in-place security solutions while identifying, investigating and resolving security breaches detected by those systems Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments The IT Security Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals Participate in the planning, design and implementation of enterprise security architecture Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) Participate in the planning, design and test of an enterprise Business Continuity Plan and Disaster Recovery Plan Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security Perform the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically Maintain up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (ie, security tools) or not (ie, workstations, servers, network devices, etc.) Maintain operational configurations of all in-place security solutions as per the established baselines Monitor all in-place security solutions for efficient and appropriate operations Review logs and reports of all in-place devices, whether they be under direct control (ie, security tools) or not (ie, workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution Participate in investigations into problematic activity and perform incident response functions as needed Participate in the design and execution of vulnerability assessments, penetration tests and security audits Provide on-call support for end users for all in-place security solutions Coordinate with end users and technical staff to implement and maintain systems that utilize industry best practices to meet business objectives, while maintaining the security and integrity of the data, system and network Generate metrics, project status reports and operating status reports for management and team members Prepare, coordinate and support user training and documentation and provide technical assistance for post-implementation support issues Provide service desk and technical support to users Perform routine to moderately complex problem analysis and resolution design for systems and applications Support, communicate, reinforce and defend the mission, values and culture of the organization Secondary Accountabilities Maintain timely and accurate helpdesk records using the ticket management system Update job knowledge by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations Accomplish organization goals by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments Protect organization's value by preserving the confidentiality of information Basic Qualifications Bachelor's Degree in Management Information Systems, Mathematics, Industrial Technology, Computer Sciences, a related field, equivalent experience or associate level vendor certification(s) 2+ years of relevant experience Demonstrated knowledge of state-of-the-art telecommunications security as well as data security across multiple computer platforms Demonstrated proficiency in the following software applications and operating systems: Installation and administration McAfee VirusScan with e-Policy Orchestrator User-level interaction with Splunk Enterprise (create/modify queries, basic user configuration tasks) Privileged-level access to Microsoft Windows Server xxxx/R2 and Windows 7, with full understanding of Active Directory concepts and methodologies Installation and administration of Tenable Nessus Installation and administration of DISA SCAP Compliance Checker Fundamental understanding and user-level interaction with open source software operating systems, such as Red Hat, SELinux, SUSE, or similar distributions Fundamental understanding and user-level interaction with VMware architectures and products, including vCenter Demonstrated proficiency in the review, auditing, and evaluation of applied Defense Information Systems Agency (DISA) Security Technical Implementation Guidance (STIG) and Security Requirements Guides (SRG), to include: Operating Systems Networks - Infrastructure, backbone transport Applications - Desktop, antivirus, database, remote desktop Deployment and use of Open Vulnerability and Assessment Language (OVAL)- and Security Content Automation Protocol (SCAP)- compliant tools Demonstrated fundamental understanding by evidence of training certificate or professional experience of one or more of the following Security Control or Certification Frameworks: Application, implementation, or verification of National Institute of Standards and Technology (NIST) Special Publication 800-53 technical controls or enhancements Application, implementation, or verification of technical controls required by DoD Risk Management Framework (RMF) Application, implementation, or verification of CNSSI xxxx technical controls or enhancements Application, implementation, or verification of ISO/IEC xxxx3 technical controls or enhancements Applicants must have a current DoD-approved Professional Baseline Certification (one or more of the following): CompTIA Security+ CE, OR; Global Information Assurance Certification (GIAC) Security Essentials Certification (GSEC), OR; ISC2 Systems Security Certified Practitioner (SSCP), OR; Cisco Certified Network Associate (CCNA) Security. Eligibility to obtain Secret Security Clearance is required US Citizenship is required. Strong verbal, written and interpersonal communication skills Ability to work independently as well as cooperatively in a team-oriented environment Ability to successfully interact with all levels of management, other IT professionals and end-users Strong analytic and problem-solving skills Is open and responsive to change and demonstrates a commitment to the process of continuous improvement by identifying and responding actively and with sensitivity to the needs of all customers Additional Desirable Qualifications Computing Environment Certifications are desired, to include: Microsoft Technology Associate (MTA); Microsoft Certified Solutions Associate (MCSA); Microsoft Certified Technology Specialist (MCTS): Windows Server; Intel Security Certified Product Specialist (ISCPS)-ePO; Tenable Certified Nessus Auditor (TCNA). Prior experience serving in roles equivalent to DOD xxxx.01-M IA Technical (IAT) I or II is desirable. Additional experience in any of the following tools or technologies, while not required, would also be desirable: DISA Assured Compliance Assessment Solution (ACAS) DISA Host-based Security System (HBSS) OpenSCAP 1.0 DRS Technologies, Inc. is an equal opportunity/affirmative action employer. We consider applicants without regard to race, color, religion, creed, gender, national origin, age, disability, genetic information, marital or veteran status, or any other category protected by federal, state or local law. #CA3
Source: http://www.juju.com/jad/xxxxxxxxqxl1tk?partnerid=af0exxxx314cbc501beebacaxxxx739d&exported=True&channel=staticfile&hosted_timestamp=xxxxa345f27ac5dcxxxx901a0cxxxxf15fxxxx46dxxxx77bb4c739a1fxxxxe6e