Job Description
Security Engineer Job Description
Notes:
- Contract
- Onsite 2-3 days a week in D.C.
- Need experience with CrowdStrike, Sentinel, Azure (setting up the tools)
- Experience with vulnerability scans and Nessus scanning tool
- Needs experience configuring security policies, access controls, NGFWs, etc.
- POA&M updates, security testing
- Configuration and setup of security tools
- This is being finalized, but the NGFW may be Palo Alto. Some tools: CrowdStrike, Nessus, etc.
- Must be a US Citizen and able to obtain a Public Trust Clearance
Requirement:
- Experience with implementing/managing the implementation and configuration of all infrastructure components, applications, hardware, and tools including but not limited to the following:
- Experience validating intrusion detection system (IDS) alerts against network traffic using packet analysis tools.
- SE shall provide and recommend computing environment vulnerability corrections.
- Experience investigating and remediating security incidents, and escalating, reporting, and providing regular updates on incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment to the GSA IT Incident Response team.
- SE will receive and analyze security alerts from various sources within the PTT network and determine possible causes of such alerts.
- SE will evaluate incidents identified by Tier 1 analysts. Use threat intelligence such as updated rules and indicators of compromise (IOCs) to pinpoint affected systems and the extent of the attack.
- SE shall review cyber defense trend analysis tools, executing remediation and reporting status.
- Analyze running processes and configs on affected systems. Carry out in-depth threat intelligence analysis to find the perpetrator, the type of attack, and the data or systems impacted.
- Execute strategy for containment and recovery as needed, while evaluating all data points to determine entry point and risk to a system.
- The SE shall interface with the Office of GSA IT Chief Information Security Officer (CISO) and its Security Operations division, as necessary, to manage and maintain compliance and assurance of systems security objectives.
- The SE shall, working with the PTT team, provide guidance, implementation recommendations, and assistance in developing a DevSecOps paradigm for PTT operational efforts.
- Restore and recover from a compromise or breach, leveraging Infrastructure as Code (IaC) implementations to quickly bring systems back online.
- Maintain standard OS, hardening, and baseline configurations using approved images for all devices including network, security, server, storage and end user devices such as laptops and mobile devices that are government furnished.
- Heavily scrutinize all users, devices, data flows, and requests for access.
- Log, inspect, and continuously monitor all configuration changes, resource accesses, and network traffic for suspicious activity.
- Document security controls using the GSA processes and templates. This includes documenting and maintaining security diagrams, plans, procedures, policies, logs, and reports for relevant systems and system components.
- Provide support, as required, for conducting security tests to validate that required security controls are properly implemented, operate as intended, and produce the desired outcome.
- Respond, as necessary, to all potentially adverse events within PTT networks and platforms, in coordination with and as advised by the PTT IT Director and GSA CISO.
- Identify specific security weaknesses on target systems, especially variances from baseline hardening and configurations, and provide recommended techniques and/or improvements to strengthen the security of the target system.
- Ensure all systems logs are properly captured and included in security monitoring activities per PTT and GSA security standards.
- Utilize vulnerability assessment to identify unauthorized access points or potential implementation weaknesses.
- Monitor, prevent, detect, respond, report, and correct the unauthorized release of GSA data utilizing provided tools, processes, and sound security practices.
- Support the Assessment and Authorization (A&A) process for the PTT systems as necessary. GSA CISO is responsible for overall coordination and management of the A&A process.
- Support Plan of Actions and Milestones (POA&M) findings and develop and implement remediation. The SE shall work with the ISSO to support remediating and closing open POA&M items in accordance with GSA IT procedural guide POA&M CIO-IT Security-09-44. The SE, working with the ISSO, shall update open POA&M items weekly or more frequently, as required, due to the nature or severity of the findings.
- Provide continuous operation and support for the SCIF.
- Have experience with tools such as CrowdStrike, Microsoft Sentinel, Azure Monitor, Qualys, Splunk and Microsoft Azure platform.
- Experience quickly diagnosing, responding to, and mitigating security incidents using SD-WAN, NGFW, and SASE tools.
Years of Experience:
- Minimum of ten (10) years' experience or equivalent combination of education and training that provides for the required knowledge, skills, and abilities in core areas of Security Engineering, SOC Analysis, Security tools configuration and management.
Preferred Education/ Certification
- Bachelor of Science and applicable security certifications such as CISSP, CISA
Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.
Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions.
Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.
Dexian - DISYS