| Job Description: |
Minimum Requirements:
Bachelor’s degree or equivalent and 10 years of related experience.
Minimum of 4 years in IT Security or Microsoft Infrastructure, Active Directory and engineering
Must have knowledge of Vulnerabilities of OS's, Web Applications, Databases etc.; Knowledge of CISCO, Network Devices & Protocols & Firewalls, OSI Model.
Requires knowledge of FISMA/NIST, Web Application vulnerabilities scanning and testing in both manual and automated environments -
Knowledge of scanning tools such as Nessus, ISS, IBM Appscan, Webinspect, Nipper is required.
Knowledge of OS’s such as Linux, Windows Server 2003 & 2008, MacOSX, Sun Solaris; Encryption standards and programming language such as Perl, Python, C#, Java etc.
Must have a Web Application Development background with PHP, PERL, JAVA, ASP, .Net, FLASH, AJAX languages.
Must be able to pass/maintain Secret clearance (interim Secret eligible); active secret / EOD preferred.
Job Description:
URS Corporation - a FORTUNE 500 Company - is a fully integrated engineering and technical services organization with the capabilities to support every stage of the project life cycle. URS provides these services for the U.S. federal government, national governments of other countries, state and local government agencies in the United States, FORTUNE 500 companies and other multinational corporations. We have approximately 50,000 employees in a network of offices in more than 30 countries. The Company’s business is focused on four key market sectors: Federal, Infrastructure, Power, and Industrial & Commercial.
Combining deep experience in federal government with expertise driving the latest innovative technology advancements, the URS ISG (Information Solutions Group) delivers mission critical IT and communication solutions; defining, optimizing, and implementing IT solutions that help our clients achieve their mission. Areas of expertise include: Secure Cloud Computing, Integrated Cyber Solutions, Software and System Engineering, Enterprise Management and Network Engineering.
We have an immediate opportunity in Arlington VA for an experience Security Engineer well versed in IT risk and vulnerabilities assessment/oversight:
Perform Certification and Accreditation (C&A) and Test and Evaluation (T&E) on TSA systems in compliance with FISMA and NIST; Test Web Applications for Security Vulnerabilities - Perform security risk assessments and testing on COTS/GOTS Applications installed on TSA workstation, Laptop & Servers.
Perform scanning with the following tools: Gargoyle, Tenable Nessus & NMap, ISS, IBM AppScan, Webinspect, AppDetective.
Research and gather vulnerabilities reports/bugs on COTS/GOTS known vulnerabilities listed on the Internet.
Provide oversight to engineering of new and current systems in Linux, Web Applications, Microsoft Infrastructure & active directory, MS SQL, Exchange 2003 & 2007.
Will create reports on the fly with PERL and other programming languages from Web Logs, SMTP logs, etc.
30% to 40 % travel - combination local /national.
|
