Cyber Security Project Engineer - TS-SCI-FS Poly Required
Company: Highlight Technologies
Location: Herndon
Posted on: June 25, 2022
Job Description:
Overview:Highlight is looking for a Cyber Security Project
Engineer to support a government customer in Northern Virginia. You
will be the Cyber Security expert who will perform and support
penetration testing activities.Responsibilities:
- Document all identified system risks, planned test procedures
taken, and test results.
- Perform analyses of vulnerabilities identified during
testing.
- Review program-level documentation (e.g., requirements
specification, system architecture, design documents, test plans,
security plans, Body of Evidence) to acquire enough requisite
knowledge of the system to conduct a penetration test.
- Recommend changes to program-level documentation with an eye to
reducing system vulnerabilities.
- Create and document penetration testing plans and
procedures.
- Use approved penetration testing plans and procedures to
conduct hands-on penetration testing.
- Analyze test results, document risks, and recommend
countermeasures and mitigation strategies to uncovered risks.
- Research, evaluate, and recommend Information Security policies
and guidance.
- Participate in technical exchange meetings and application
review boards.
- Document action items and results from technical exchange
meetings and application review boards.
- Brief management on the status of action items and/or results
of activities.Qualifications:
- U.S. Citizenship.
- Top Secret clearance, SCI eligibility (TS/SCI) with full scope
poly.
- Bachelors degree in Computer Science, Mathematics, Computer
Engineering, Information Systems, or other closely related IT and
Cyber Security discipline or equivalent work experience.
- Knowledge of:
- Risk management methodology.
- Managing document repositories in databases.
- Use of process tracking and document control software.
- Cyber security principles for Amazon AWS Cloud computing
platform and services.
- Experience with:
Cyber penetration testing.
- Applying computer attack methods and system exploitation
techniques.
- Designing, testing, or implementing IT security architecture
and complex Windows installations.
- Performing network security analysis.
- Analyzing network architectures.
- Using network management tools.
- Creating cyber security test plans.
- Leveraging adversarial tactics to conduct hands-on security
testing.
- Developing risk management methodologies.
- Analyzing test results to develop risk/threat mitigation
plans.
- Testing or reviewing system configuration, development, and
design specifically around enterprise systems and hypervisors.
- Scripting in Python or other equivalent interpreted
languages.
- Source code auditing, bug hunting or CTF experience.
- Manually auditing source code (One or more of: Java, Ruby,
Python, JavaScript, Rust, C others) to find security
issues.Desired:
- One or more of the relevant certifications:
- Certified Information Systems Security Professional
(CISSP)
- Certified Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- GIAC Global Information Assurance Certification Penetration
Tester (GPEN)
- GIAC Cloud Penetration Tester
- Participating in public and private information security groups
and organizations.
- Communicating vulnerability results and risk posture to senior
executives.
- Researching, evaluating, and developing security policies and
guidance.
- Performing complex technical tasks with minimal direction.
About Highlight:For over ten years, Highlight has provided
Development and Modernization, Secure IT, and Mission Solution
services to our federal government customers. Our team knows the
technology; we understand how our customers and their stakeholders
work; and we know how to implement industry best practices to
deliver high-quality, end-to-end solutions that minimize risk and
maximize results.
Since our inception, Highlight has had an employee-first mindset.
Our mission is to provide employees with rewarding and impactful
career opportunities. In 2021, Highlight's founder and CEO, Rebecca
Andino, implemented an Employee Stock Ownership Plan to embody and
expand our culture of transparency, teamwork and rewarding the work
of our employees. By becoming an ESOP, our employee-owners share in
the success of the company through their ownership stake. To learn
more about ESOPS, check out: www.esopinfo.org.
We're an Equal Opportunity Employer (EOE) that empowers our people
to fearlessly drive change - regardless of their race, color,
religion, sex, gender identity, sexual orientation, national
origin, disability, veteran status, or other characteristics. Our
team is dedicated to foster diversity within our teams to promote
creativity, innovation, and teamwork to deliver the best solutions
for our customers.-:#cwhp
Keywords: Highlight Technologies, Germantown , Cyber Security Project Engineer - TS-SCI-FS Poly Required, Engineering , Herndon, Maryland
Didn't find what you're looking for? Search again!
Loading more jobs...