ECS is seeking a Security Engineer to work in our Washington DC office.
Job Description:
- Experience with performing manual testing methods and procedures using STIGs, SRGs, and checklists
- DoD 8140 IAM or IAT Certification, including Security CE, CISM, CISSP, or CASP
- CEH or OSCP, and other SANS technical & Offense Security certifications strongly preferred
- Additional Qualifications:
- Experience with performing Cybersecurity risk assessments and mitigation
- Experience with Cloud and virtual environment security assessments
- Experience with Linux Red Hat and/or CENTOS
Required Skills:
- TS/SCI CI Poly Clearance
- 5 years of experience with Cybersecurity Security Control work, usually gained through experience performing the work of an Information System Security Officer (ISSO), Information System Security Engineer (ISSE), or Red/Blue Penetration testing experience
- 5 years of expert understanding of NIST publications, including other regulatory guidelines, OMB, NSS, etc.
- 3 years of experience with performing technical security assessments, including vulnerability assessments, security control reviews, and system configuration and log checks to support various audits
- 3 years of experience with information security policy development, review, implementation, or interpretation.
- 3 years of experience with planning and executing comprehensive Cybersecurity test events, including identifying applicable security controls, analyzing assessment procedures, and identifying and using required tools, including Retina, Burp, AppScanner, AppDetective, Samurai, Nessus, SecurityCenter, NMAP, Wireshark, Splunk or other log viewer, Assured Compliance Assessment Solution (ACAS), or Security Content Automation Protocol (SCAP)
- 3 years of experience in working with federal or DoD government implementation of the NIST RMF for SAA
- 3 combined experience of Penetration Testing or Persistent Penetration Testing, including sufficient knowledge of PT/PPT tools like Metasploit, and of concepts of PT methodologies
Desired Skills:
- CISSP
- Cloud
ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.
ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3000 employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.