Computer Network Defense Security Engineer

Full-Time
Suitland, MD
Posted 2 months ago

E&M Technologies, Inc. is dedicated to recruiting and developing diverse, high-performing talent who are passionate about what they do. Our employees are unified in a shared dedication to our customers’ mission and quest for professional growth. E&M provides an inclusive, engaging environment designed to empower employees and promote work-life success. Fundamental to our culture is an unwavering focus on values, dedication to our communities, and commitment to excellence in everything we do.

E&M Technologies, Inc. is currently seeking a Computer Network Defense Security Engineer to support a Federal Government Client.

Job Description

  • Perform CND engineering and system administration of DCO tools; specifically install, operate, configure, upgrade, and maintain the entire suite of cybersecurity hardware and software systems in place or otherwise acquired to support the DCO mission. This includes system administration of cybersecurity tools such as those recommended by DISA in the Network Infrastructure Policy Security Technical Implementation Guide (STIG) and includes system administration at both the operating system level and application level. Examples include but are not limited to Red Hat Enterprise Linux (RHEL), Windows Operating systems, Email Gateway/Filter appliance powered by Cisco, Vulnerability Scanner powered by Tenable, IDS/IPS powered by Cisco Firepower family of products, Endpoint Security powered by McAfee, SIEM powered by Splunk, RedSeal network mapping tool, and Packet Capture capability using Wireshark-like enterprise tools. Maintenance will include daily operations, configuration modifications, upgrades, patches, and new versions. The Contractor shall ensure changes to DCO division capabilities are done in accordance with approved process (e.g., ONI Configuration Management Request process, NAO/DAO change guidance, etc.).
  • Develop and maintain DCO monitoring functions using tools like Splunk and sensor architectures based on a wide variety of IP-based sensor technologies. The Contractor shall maintain access to cybersecurity intelligence applications and technical capabilities to include, but not limited to, Splunk, Incident Response portals, network and host-based IPS/IDS, web and email content filtering, digital forensics, and malware analysis technology.
  • Provide cybersecurity service provider support for Maritime Domain Awareness (MDA) LAN, an unclassified system/network that supports ONI missions at the unclassified level.
  • Provide technical guidance for effective and efficient response to cyber incidents, and propose strategies to prevent incidents from occurring or escalating as well as recommend improvements to cyber defense activities (i.e. monitoring, detection, analysis, response, and coordination).
  • The Contractor shall ensure projects and initiatives focused on implementation of new products and technologies conform to CND security requirements, policies, standards, and best practices (e.g., Regulatory, CTOs, Directives, OPORDs, TASKORDs, ICS, STIGs, etc.) and are interoperable with current enterprise solutions.
  • Execute technical lead functions during cybersecurity exercises that require broader IC engagement (e.g., ICE STORM).
  • Develop and maintain documentation for each individual project and system. This includes but is not limited to: a) Requirements and Design Documents, b) Implementation Plans, c) Concept of Operations (CONOPS), d) Risk Management Framework Documentation, e) System/Network Diagrams, f) Work Breakdown Structure Project Schedule, g) Installation & Configuration Guides, h) Operations & Maintenance, and i) Analyst Operations Guides.

Minimum Qualifications

  • B.A./B.S. Degree in Computer Science, Information Technology, Information Assurance, or related area of study, or 15+ years of relevant professional experience in lieu of a degree.
  • Certified Ethical Hacker (CEH) and CompTIA Security+ CE certified.
  • 8+ years concentrated experience in the CND discipline regardless of having a degree or not.
  • 5+ years professional experience in the interpretation and implementation of the following policy documents: DoD Directive 8530.02M, Chairman Joint Chief of Staff (CJCS) Instruction 6510.01F, and CJCS Manual (CJCSM) 6510-018.
  • 3+ years professional Project or Program Management experience.
  • 6+ years professional experience in the design, development, integration, implementation, operation, and analysis of cyber security technologies used within the Department of Defense (DoD) and Intelligence Community (IC), as well as knowledge of federal cybersecurity initiatives.

Preferred Requirements

  • M.S. Degree in Computer Science, Information Technology, Information Assurance, or related area of study.
  • Project Management Professional (PMP) Certification.
  • Effective interpersonal, organizational, time management, writing/documentation, briefing skills with strong attention to detail.
  • Strong analytical, conceptual and problem solving skills.
  • Proven ability in communicating effectively with all levels of management, mission stakeholders and customers developing/presenting presentations; conveying complex technical issues in business terms.
  • Proven ability in thinking outside the box by providing innovative, creative solutions to complex cyber security issues.
  • Proven ability in prioritizing, executing and completing tasks with little to no direction in high-pressure environment.
  • Significant experience establishing and managing high performing CND teams with a continued focus on development in the areas of individual and team mentoring/building skills.
  • Significant experience utilizing Federal, DoD, IC, and industry standards in the creation of “best practices,” manuals, and standard operating procedures.
  • Significant experience in the System/Software Development Life Cycle (SDLC) Process.
  • Significant experience in identifying and conducting research in emerging technologies and assessing their technical and performance characteristics.
  • Significant experience in writing technical documents addressing complex, sensitive issues.
  • Significant experience in the development and implementation of computer network defense tactics, techniques, and procedures (TTPs).
  • Significant experience in the proper classification, handling, and sanitization of classified material.
  • Significant experience in the engineering, testing, configuration/tuning, administration and operational use of Network Intrusion Detection/Prevention systems (NIDPS), such as Cisco ASA, HP Tipping Point, McAfee Intrashield, and host-based intrusion Detection/Prevention such as McAfee ePO (HBSS).
  • Significant experience in the engineering, testing, configuration/tuning, administration and operational use of vulnerability management and assessment technologies such as eEye Retina and Tenable Nessus (ACAS).
  • Significant experience conducting vulnerability assessments using Retina, Tenable Nessus (ACAS), WASSP, or SECSCN and subsequent remediation of security control deficiencies.
  • Significant experience in the engineering, testing, configuration/tuning, administration and operational use of Security Information and Event Management (SIEM) systems, such as HP ArcSight and Splunk.
  • Expert knowledge of policies and processes related to Computer Network Defense (CND) implementation, execution, and management.
  • Expert knowledge of incident management lifecycle processes required for the identification, categorization, eradication, response, recovery, and mitigation of cyber security incidents and breaches.
  • Expert knowledge of network security architecture concepts, including topology, protocols, and components (e.g., application of defense-in-depth).
  • Significant knowledge of common adversary tactics, techniques, and procedures (TTPs) in assigned area of responsibility (e.g., historical country-specific TTPs, emerging capabilities).
  • Significant knowledge of virtualization technologies such as VMWare and VirtualBox.
  • Significant knowledge of common enterprise services such as domain controllers, print, email, DNS, and web servers.
  • Significant knowledge of network traffic packet captures with capabilities such as Wireshark as well as analysis methodologies used with such capabilities.
  • Significant knowledge in identifying and classifying attack vectors, malware (detection and analysis), IDS/IPS rule/signature writing and countermeasure development.
  • Significant knowledge of firewall rules and routing rules. Significant knowledge of scripting and coding languages (i.e. Python, Perl, Ruby, JavaScript, PowerShell, etc. and C, C++, Java, VisualBasic.Net, PHP, AJAX).
  • Significant knowledge of forensic processes required for the collection, acquisition and analysis of forensic images and other data with tools such as EnCase Enterprise, EnCase CyberSecurity, LinEn, and netcat; recovery CDs (such as ERD Commander or Hiren); and Sysinternals tools.
  • Significant knowledge of penetration testing / Red Teaming tactics, techniques, and procedures, including phishing and the use of various tools such as Backtrack/Kali, SamuraiWTF, NMap, Burp Suite, sqlmap, and Metasploit.

To Apply for this Position:

You must have the Minimum Qualifications in your resume to be selected as a candidate.

Employees may be eligible for a discretionary bonus in addition to base pay. Annual bonuses are designed to reward individual contributions as well as allow employees to share in company results. In addition, E&M Technologies, Inc. provides a variety of benefits including health insurance coverage, life and disability insurance, savings plan, Company paid holidays, and paid time off (PTO) for vacation and/or personal business.

The health and safety of our employees and their families is a top priority. With the continuing impacts of COVID-19 around the world, we are taking action to protect the health and well-being of our colleagues and maintain the safety of the communities where we operate. As a federal contractor, and consistent with Executive Order 14042 (https://www.saferfederalworkforce.gov/contractors/) we will require all newly hired employees in the United States to be fully vaccinated by January 18, 2022, or by your start date if it is after January 18th. Federal guidance allows for disability/medical and religious accommodations with respect to the vaccine requirement. Any requested accommodations must be reviewed and approved (if applicable) in advance of your start date.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class. U.S. Citizenship is required for most positions.

Job Features

  • Job Category: Cybersecurity, Engineering
  • Req. ID: EM11-001
  • Citizenship: United States Citizen
  • Clearance Type: Top Secret/SCI
  • Travel Required: None
