Cyber Security Specialist (Federal)
Business Unit: Government Services
Requisition Number: 226726
Primary Location: United States-Virginia-Reston
Assignment Category: Full-time regular
Experience Level: Mid level
Education Required Level: Bachelor's Degree
Travel Required: No
Siemens Government Technologies, Inc. is a wholly-owned subsidiary of Siemens, uniquely qualified to perform work for the U.S. Government. We are focused on enhancing the safety and security of the nation's assets and infrastructure, as well as assisting to improve operational and energy performance.
As an independent U.S. company with its own Board of Directors, SGT maintains a unique relationship with Siemens. We are able to leverage resources of professionals world-wide with demonstrated domain expertise and proven past performance to manage large-scale, mission critical programs. The future of SGT is bright. By integrating world-class people, process, products and technology, SGT is expanding its role as an important part of our nation's security.
We offer a highly competitive compensation and benefits package, along with the opportunity to grow your career with a well-established company.
For more information, please visit: http://www.siemensgovt.com/
Siemens Government Technologies is seeking an individual for a position as a Cyber Security Specialist II located in Reston, VA. As a Cyber Security Specialist II you assist in identifying potential IT security threats and help in the remediation of those threats. As a Cyber Security Specialist II you should have an understanding of large-scale security infrastructure, network protocols, security defenses, proactive defense measures, mitigation techniques, and incident response.
- Identify potential IT security incidents, assemble indicators to support conclusions, and work with the IT team to remediate findings.
- Analyze traffic flows and system logs; perform risk assessments and testing.
- Provide support to end users on a variety of IT and security issues.
- Respond to telephone calls, email and personnel requests for technical support.
- Assist in hardening and compliance review of Servers/Client OS (DHS/USGCB, etc.), Network Devices, and other IT assets.
- Perform preliminary forensic evaluations of internal systems.
- Perform periodic and ad hoc vulnerability scans.
- Perform periodic account and workspace audits.
- Assess the scan results, web applications, network configurations, and recommend remediation procedures.
- Correctly document, triage, and respond to management in a timely manner in the course of daily analysis and response duties.
- Must be a US citizen with the ability to obtain a DOD Secret level security clearance
- Bachelor’s degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university
- Two (2) years of information security experience is required.
- Two (2) years of related experience and/or training in the field of IT security monitoring and analysis, cyber threat analysis, vulnerability analysis, or similar cyber security related field.
- Two (2) years hands-on experience performing traffic analysis, intrusion analysis and detection.
- Possess the ability to recognize publicly known attack traffic patterns.
- Two (2) years hands-on experience with any of the IDS (intrusion detection system) tools.
- Two (2) years of IT system administration experience (Windows or Linux/Unix).
- Minimum 1 year of experience creating or maintaining security related documentation. Three years is highly preferred.
- Experience with security operations centers (SOC).
- Possess fundamental knowledge and understanding of TCP/IP and the functioning of its component protocols. Hands-on experience using tcpdump or Wireshark is a plus.
- Ability to correctly document, triage, and respond to management in a timely fashion
- Working knowledge of system and network exploitation, attack methodologies and intrusion techniques; denial of service attacks, man in the middle attacks, malicious code delivery techniques, automated network vulnerability and port scanning, key loggers, social engineering, network and system reconnaissance.
- Working or educational experience using enterprise security tools and technologies to include some of the following and/or closely comparable security technologies: Trend Micro, Websense,
- Understand what malicious code is, how it works, and how to mitigate its potential threat.
- Excellent communication skills, both oral and written.
- Knowledge of system and network administration, configuration best security practices, security controls and configuration standards as they apply to IT security.
- Possess a fundamental understanding of computer incident response procedures (e.g., proper collection, thorough investigation, unequivocal validation, and internal escalation) and protocols.
- Working knowledge of NIST standards (NIST 800-53, 800-171 and FIPS 140-2).
- Knowledge of data security administration principles, methods, and techniques. Requires familiarity with domain structures, user authentication, multifactor authentication and digital signatures.
- Experience in the operation and theory behind Intrusion Detection Systems, and familiarity with SIEM Technologies, Web filtering gateway management, Antivirus and Vulnerability scanning and remediation process.
Must be a US citizen and will be subject to a federal government investigation to obtain a DOD Secret level clearance.