| Job Description: ||
Bachelor Degree in Electrical Engineering, Computer Science, Information Systems, Mathematics, or Business Administration OR equivalent experience in lieu of degree. This position requires a minimum of ten years professional experience in IT / network / security engineering.
Requires experience with Federal IT systems and experience in the Certification and Accreditation process with a full understanding of the System Development Life Cycle and FISMA process.
• 10 years of applicable experience.
• 5+ years of experience in the C&A with a full understanding of the SDLC and FISMA process,security policy and technical standard development, secure infrastructure design reviews, multi-tiered trust zone structures, and complex internetworking through multiple-level network security structures.
• Expertise and experience in performing security assessment of network devices (router, switch, firewall configuration), servers, workstations, Web applications and databases.
• Experience using vulnerability tools such as App Detective, Nessus, WebInspect, AppScan, Hailstorm, NetStumbler, NMAP, ISS, Fluke Analyzer, and Nipper.
• Expertise and experience in creating documentation such as Systems Security Plans, Contingency Plans, Test Plans, Findings Matrices and Network Diagrams.
• Knowledge of NIST and FIPS security controls.
• Expertise in conducting vulnerability testing on UNIX and Windows operating platforms.
• Experience and knowledge of Identity Management systems, Application Security, Web Application Security, SOA functions, PKI administration.
• Expertise and experience reviewing and understanding SSPs, network diagrams, SOPs, and SSDs; Virtualization, Remote Access and Secure Mobile Computing technologies.
• Possesses strong oral and written communications, client facing skills, and can articulate both written and verbally technical concepts to a variety of technical and non-technical audiences
Recommended Certification: CISSP, CAP, CCNA, CISA, GIAC, CISM, CEH, or similar information security professional certification
Requires ability to pass/maintain a DoD Secret clearance and TSA clearance. Active Secret is preferred.
Approximate travel requirement up to 20%.
We have an immediate opportunity in Arlington, VA for a Senior IT Security Engineer to join a dynamic team providing Information Assurance and Cyber Security related Testing Services.
Will provide testing capabilities on all IT Systems to include:
• Test scope, plans, and time frames for testing of IT Systems, Operating systems, Network devices and infrastructure; Databases (Oracle, MySQL, MS SQL, SQLite, PostgreSQL, Progressive etc.)
• Provide expert analysis of complex information technology Security related problems and provide technical expertise on the following: Remediation for vulnerabilities of operating systems, network devices, infrastructure and Database (Oracle, MySQL, MS SQL, SQLite, PostgreSQL, Progressive etc.).
• Generates consolidated test results.
• Provide testing plans on COTS/GOTS, Mobile Devices, Mobile Applications etc.
• Provide solutions oversight and guidance on all related TSA IT projects and implementations.
• Uses a variety of tools (Tenable Nessus, HP WebInspect, IBM AppScan, Nipper, NMAP, AppDetective, Fluke Network Tester) to provide full range of system security testing.
URS Corporation - a FORTUNE 500 Company - is a fully integrated engineering and technical services organization with the capabilities to support every stage of the project life cycle. URS provides these services for the U.S. federal government, national governments of other countries, state and local government agencies in the United States, FORTUNE 500 companies and other multinational corporations. We have approximately 50,000 employees in a network of offices in more than 30 countries. The Company’s business is focused on four key market sectors: Federal, Infrastructure, Power, and Industrial & Commercial.