Security Engineer/Vulnerability Management

4 weeks ago


Washington, United States Bering Straits Native Corporation (BSNC) Full time

Overview:

Visit our website at www.beringstraits.com to apply

SUMMARY

Bering Global Solutions, LLC a subsidiary of Bering Straits Native Corporation is currently seeking a looking for a Security Engineer/Vulnerability Management for a project in Washington D.C. This position is remote however, you will be expected to come into the office occassionally. The ideal candidate for this job will serve as a Cyber Security Engineer within the federal clients Security Operations Center. A highly-motivated individual with a strong technical, leadership, communication, and organizational skills will succeed on this program. This person must be versed in IT Security principles, tools, and best practices, helping to ensure that all security solutions introduced into the environment are configured effectively and efficiently.

The goal of the Security Operations Center (SOC) team is to proactively monitor, identify, and remediate information technology security vulnerabilities and intrusions. The team needs to ensure that all operational security controls are appropriately applied and managed and that systems within the control of the SOC have appropriate security controls in place in accordance with the Federal Information Security Management Act (FISMA). To accomplish this goal, the security team is responsible for a broad suite of security technologies that include vulnerability scanning, malware detection, log file analysis, and enterprise-wide incident response and security information and event management (SIEM) tools. The engineer will be responsible for the implementation of new tools and operations and maintenance (O&M) of the clients current SOC suite of tools.

Responsibilities:

ESSENTIAL DUTIES & RESPONSIBILITIES

The Essential Duties and Responsibilities are intended to present a descriptive list of the range of duties performed for this position, and are not intended to reflect all duties performed within the job.

  • Administer and maintain a subset (two or three) of the clients wide variety of security tools including:
  • RSA Security Analytics/NetWitness
  • Palo Alto Firewalls
  • Symantec Endpoint Protection
  • Akamai Web Application Firewall
  • HP TippingPoint
  • Gigamon
  • Websense Web, Email, and DLP
  • RedSeal
  • SolarWinds
  • Tripwire IP360, CCM, and Enterprise
  • HP ArcSight
  • Splunk Enterprise
  • Bit9 Carbon Black
  • EnCase Enterprise
  • ForeScout CounterACT
  • Cylance Protect
  • Imperva SecureSphere Database Suite
  • Rapid7 Metasploit Pro and Nexpose
  • Architect and implement new security tools as they are acquired
  • Provide technical vulnerability identification and analysis
  • Assist with incident response as required
  • Cross-train and mentor other staff members
  • Assist with implementation and maintenance of security configuration baselines
Qualifications:

QUALIFICATIONS - EXPERIENCE, EDUCATION AND CERTIFICATION

Required (Minimum) Qualifications

  • Security+ Certification
  • Two (2) years' experience
  • Moderate-level understanding of basic computer and networking technologies
    • TCP/IP stack
    • Windows operating systems
    • Linux/Unix-based operating systems
    • Networking technologies (routing, switching, VLANs, subnets, firewalls)
    • Common networking protocols SSH, SMB, SMTP, FTP/SFTP, HTTP/HTTPS, DNS, etc
    • Common enterprise technologies Active Directory, Group Policy, VMware vSphere
  • Basic-level understanding of IT security principles, technologies, best practices, and NIST guidance
    • Logical Access Control
    • PKI and other encryption methods
    • Network-based and host-based IDS/IPS
    • Security configuration baselines DISA STIG, NIST USGCB
    • Auditing
    • Vulnerability discovery and management
    • NIST SP 800-53 rev. 4 control
  • Excellent analytical and problem solving skills. Ability to work independently to identify errors, pinpoint root causes, and devise solutions with minimal oversight.
  • Outstanding communications skills. Ability to communicate with senior management and federal client staff both technical and non-technical in a clear and concise manner using proper spelling, punctuation and grammar.
  • Bachelors Degree or higher in information technology-related field.
  • Word, Excel, PowerPoint

Desired Skillis

  1. Server Administration background Windows or Linux/Unix
  2. Coding/scripting skills Python, Bash, VBScript, LUA
  3. Bachelors Degree or higher in Computer Science or Electrical Engineering
  4. Interest in security/hacking culture. Ability to think like an attacker
  5. Certifications:
    • Certified Ethical Hacker (CEH)
    • Certified Information System Security Professional (CISSP)

PHYSICAL REQUIREMENTS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Must maintain a constant state of mental alertness at all times. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Essential and marginal functions may require maintaining physical condition necessary for bending, stooping, sitting, walking or standing for prolonged periods of time; most of time is spent sitting in a comfortable position with frequent opportunity to move about.

DOT COVERED/SAFETY-SENSITIVE ROLE REQUIREMENTS

  • This position is not subject to federal requirements regarding Department of Transportation safety-sensitive functions.

WORK ENVIRONMENT

Work Environment characteristics described here are representative of those that must be borne by an employee to successfully perform the essential functions of this job.

Job is performed in an office setting with exposure to computer screens and requires extensive use of a computer, keyboard, mouse and multi-line telephone system. The work described herein is primarily a modern office setting. Occasional travel may be required.

SUPERVISORY RESPONSIBILITIES

  • No supervisory responsibilities.

ADDITIONAL QUALIFYING FACTORS

As a condition of employment, may be required to pass a pre-employment drug screening, as well as have acceptable reference and background check results to obtain access to military base. Must have reliable transportation to/from work a necessity and must be able to obtain access to military installations.

Shareholder Preference. BSNC gives hiring, promotion, training and retention preference to BSNC shareholders, shareholder descendants and shareholder spouses who meet the minimum qualifications for the job.

Bering Straits Native Corporation is an equal opportunity employer. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender, or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law.

Equal Opportunity Employer/Veterans/Disabled

We participate in the E-Verify Employment Verification Program. We are a drug free workplace.

Visit our website at www.beringstraits.com for more details and to apply.



  • Washington, United States ShorePoint Full time

    **Who we are**: ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality and celebrates individual and...


  • Washington, United States ShorePoint Full time

    Job DescriptionJob DescriptionSalary: Who we are:ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard” mentality...


  • Washington DC, United States Bering Straits Native Corporation (BSNC) Full time

    Overview: Visit our website at to apply!SUMMARYBering Global Solutions, LLC a subsidiary of Bering Straits Native Corporation is currently seeking a looking for a Security Engineer/Vulnerability Management for a project in Washington D.C. This position is remote however, you will be expected to come into the office occassionally. The ideal candidate for...


  • Washington, United States ASRC Federal Full time

    ASRC FEDERAL Broadleaf Division is seeking a Vulnerability and Patch Management Engineer for our contract located at the Pentagon. JOB DESCRIPTION : * The candidate shall have an in-depth knowledge of multi-platform engineering; planning, coordinating, and executing patch management operations, creating baselines and configuring hardened systems. Candidate...


  • Washington, United States Tik Tok Full time

    Responsibilities TikTok is the leading destination for short-form mobile video. Our mission is to inspire creativity and bring joy. TikTok has global offices including Los Angeles, New York, London, Paris, Berlin, Dubai, Singapore, Jakarta, Seoul and Tokyo. Why Join Us Creation is the core of TikTok's purpose. Our platform is built to help imaginations...


  • Washington, United States ShorePoint Full time

    Job DescriptionJob DescriptionSalary: Who we are: ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard”...


  • Washington, United States ShorePoint Full time

    Job DescriptionJob DescriptionSalary: Who we are: ShorePoint is a fast-growing, industry recognized, and award-winning cybersecurity services firm with a focus on high-profile, high-threat, private and public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a “work hard, play hard”...


  • Washington, United States Security Assurance Management Full time

    Job DescriptionJob DescriptionJob Title: Security Account ManagerReports To: Director of Security Operations Job Summary: The Security Account Manager is responsible for overseeing and managing the security services provided to key clients. This role ensures client satisfaction, maintains security standards, and develops strategies to enhance security...


  • Washington, United States Experis Full time

    One of our premier clients in the DC metro area is seeking a Security Engineer for a long term role. This role is hybrid- requiring going on site 1 day a week & possibly other strategic meetings as needed. This must be filled by someone with a TS/SCI or eligible for one! Strong penetration testing background!: Metasploit of similar tools The specializing in...


  • Washington, United States Experis Full time

    One of our premier clients in the DC metro area is seeking a Security Engineer for a long term role. This role is hybrid- requiring going on site 1 day a week & possibly other strategic meetings as needed. This must be filled by someone with a TS/SCI or eligible for one! Strong penetration testing background!: Metasploit of similar tools The specializing in...


  • Washington, United States ASRC Federal Holding Company Full time

    ASRC FEDERAL Broadleaf Division is seeking a Vulnerability and Patch Management Engineer to support our customer located at the Pentagon. JOB DESCRIPTION: The candidate shall have an in-depth knowledge of multi-platform engineering; planning, coordinating, and executing patch management operations, creating baselines and configuring hardened systems....


  • Washington, United States Experis Full time

    One of our premier clients in the DC metro area is seeking a Security Engineer for a long term role. This role is hybrid- requiring going on site 1 day a week & possibly other strategic meetings as needed. This must be filled by someone with a TS/SCI or eligible for one! Strong penetration testing background!: Metasploit of similar tools The specializing in...


  • Washington, Washington, D.C., United States ASRC Federal Holding Company Full time

    ASRC FEDERAL Broadleaf Division is seeking a Vulnerability and Patch Management Engineer for our contract located at the Pentagon.JOB DESCRIPTION: The candidate shall have an in-depth knowledge of multi-platform engineering; planning, coordinating, and executing patch management operations, creating baselines and configuring hardened systems. Candidate will...


  • Washington, Washington, D.C., United States ASRC Federal Holding Company Full time

    ASRC FEDERAL Broadleaf Division is seeking a Vulnerability and Patch Management Engineer for our contract located at the Pentagon.JOB DESCRIPTION: The candidate shall have an in-depth knowledge of multi-platform engineering; planning, coordinating, and executing patch management operations, creating baselines and configuring hardened systems. Candidate will...


  • Washington, United States Serigor Inc Full time

    Job Title: Apps and Server Vulnerability Engineer (Onsite)Location: Washington, DCDuration:12 Months+Job Description:We are looking for a talented and experienced Application and Server Vulnerability Assessment Engineer to join our team. The ideal candidate will be responsible for performing comprehensive security assessments of web applications, mobile...


  • Washington, United States Serigor Inc Full time

    Job Title: Apps and Server Vulnerability Engineer (Onsite)Location: Washington, DCDuration:12 Months+Job Description:We are looking for a talented and experienced Application and Server Vulnerability Assessment Engineer to join our team. The ideal candidate will be responsible for performing comprehensive security assessments of web applications, mobile...


  • Washington, United States Serigor Inc Full time

    Job Title: Apps and Server Vulnerability Engineer (Onsite)Location: Washington, DCDuration:12 Months+Job Description:We are looking for a talented and experienced Application and Server Vulnerability Assessment Engineer to join our team. The ideal candidate will be responsible for performing comprehensive security assessments of web applications, mobile...


  • Washington, United States Serigor Inc. Full time

    Job DescriptionJob DescriptionJob Title: Apps and Server Vulnerability Engineer (Onsite)Location: Washington, DCDuration: 12 Months+Job Description:We are looking for a talented and experienced Application and Server Vulnerability Assessment Engineer to join our team. The ideal candidate will be responsible for performing comprehensive security assessments...


  • Washington, United States Serigor Inc. Full time

    Job DescriptionJob DescriptionJob Title: Apps and Server Vulnerability Engineer (Onsite)Location: Washington, DCDuration: 12 Months+Job Description:We are looking for a talented and experienced Application and Server Vulnerability Assessment Engineer to join our team. The ideal candidate will be responsible for performing comprehensive security assessments...

  • Vulnerability Manager

    2 months ago


    Washington, United States Peraton Full time

    About Peraton Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our...