Cyber Security Engineer SME

Responsibilities performed in this capacity include but are not restricted to:

• Lead technical assessments of system/network topologies and write assessment reports
• Analyze IP network topologies, technical and operational vulnerabilities
• Review configurations of IP based network equipment such as routers, switches, firewalls, IDS/IPS, One Way Transfer (OWT) appliances for security policy and deployment guideline compliance, operating system and security patch updates
• Conduct and evaluate automated system and network scans using tools such as Wireshark, NMap, Nessus, Nipper
• Support external customer projects by providing system and network engineering expertise and cyber guidance in working groups, customer meetings, and in written communications to ensure the projects comply with Agency policy and regulations while fulfilling the customer’s operational requirements
• Provide cyber recommendations to architecture and design reviews.
• Evaluate network operations using network management platforms, network scanning tools, auditing functions
• Review procurement processes of hardware, software and services to comply with cyber and operational requirements
• Maintain current knowledge of relevant technology
• The individual performing this work will be required to work independently with little supervision and should be flexible to support customers located throughout the WMA.

Required skills:

• Clearance – TS/SCI with an appropriate Polygraph
• 16 years’ work experience and a Bachelor’s Degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience
• 10+ years of network/system engineering experience in a secure environment
• 5+ years supporting mission-based TCP/IP networks.
• Experience with planning, configuring, securing, and maintaining IP network products including routers, switches, wireless networking, VPN’s, IDS/IPS, Firewalls, One Way Transfer (OWT) appliances.
• Experience with planning, configuring, securing, and/ or maintaining cloud-based services such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud, IBM Cloud.
• Demonstrated experience with communications protocols such as IP, TCP, UDP, MPLS, OSPF, IGRP, BGP.
• Experience with network operating systems such as Cisco iOS, NXOS, JunOS.
• Virtualized Platform (VMware, Virtua Box, Microsoft Hyper -V, QEM U) experience.
• Experience with Windows Server (2012/2016), Windows Workstation (8.X, 10), Linux (Redhat/Debian), OSX operating systems.
• Knowledge and experience with encryption products, methodologies, configuration.
• Experience with Network Packet Capture and System analysis tools such as Wireshark, Snort, NMAP, Nipper Studio, Nessus.
• Experience with Network Management products such as HP OpenView, Solarwinds, Nagios.
• Familiar with cyber security standards such as Intelligence Community Directive (ICD) 503, Committee on National Security Systems Publication (CNSSP) 1253, Federal Information Processing Standards (FIPS) 140-2, 199, 200, National Institute of Standards and Technology (NIST) Special Publications 800-37, 800-39, 800-53.
• Experience with Computer Aided Design programs such as CAD or Visio.
• One or more of the following certifications:
  • Amazon Cloud Service Certification (Solutions Architect Associate or higher) or similar cloud certification
  • Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP),
  • Juniper NCSP, or Juniper NCP
  • Microsoft Certified Solutions Associate (MCSA) or Microsoft Certified Solutions Expert (MCSE)
  • Red Hat Certified Engineer (RHCE) or Red Hat Certified Security Specialist (RHCSS) or similar Linux certification
  • VMWare Certified Professional vSphere 5 (VCPS) or similar virtual machine certification
  • Certified Information Systems Security Professional (CISSP)
• The successful applicant must be able to meet the customer vaccination requirement.