Cyber Engineer II - SCE02 - Developmental Quantum Science Solutions is supporting a U.S. Government customer on a large mission critical development and sustainment program to design, build, deliver, and operate a network operations environment, including introducing new cyber capabilities to address emerging threats. QSS is seeking a Cyber Engineer to support the design, development, and deployment of advanced cybersecurity capabilities. The Cyber Engineer designs, develops, documents, analyzes, tests, integrates, debugs, conducts research and/or discovers and analyzes security flaws or vulnerabilities in software, networks, systems, and applications. The Cyber Engineer ensures system security needs are established and maintained for various objects/matters. Responsibilities:
• Analyze output from various security devices and malware and incident reports to improve detection of and to minimize future incidents
• Assess and analyze system security to identify and mitigate risks and vulnerabilities
• Recommend countermeasures to mitigate risks and vulnerabilities
• Prepare/Update documentation, including incident reports, security recommendations, etc.
• Assist in identifying, prioritizing, and coordinating the protection of critical cybersecurity infrastructure and key resources
• Perform basic system design functions, including interpretive analyses, chart preparation and associated diagrams/enhancement plans
• Test existing and new technologies
• Review/analyze requested changes for equipment, technology and/or other factors/trends, which are planned for deployment in the customer space
• Support the configuration and administration of cyber security tools and systems. Required Skills:
• U.S. Citizenship
• Must have an active Secret clearance and be able to obtain a TS/SCI clearance
• Must be able to obtain DHS Suitability
• 2 years of applicable experience in cyber security
• Experience with commercial cyber tools and technologies
• Experience with standard security principles, policies, standards and industry best practices
• Experience and knowledge of networking (TCP/IP, topology, sockets and security) and web technologies (Internet security)
• Experience or knowledge of intrusion detection and prevention systems (IDS/IPS), log analysis, malware analysis, network traffic flow and packet analysis
• Understanding and ideally experience with Windows or Linux/Unix operating systems (LINUX is used primarily for this position)
• Possesses or quickly develops an understanding of Government Information Security policies, regulations, and guidelines Desired Skills:
• Experience with Security Event Incident Management (SEIM), Log Correlation and Network Behavior Anomaly detection systems
• Experience and/or familiarity with development languages such as: Java, Swing, JUnit, Perl, Python, HTML
• Demonstrated experience and/or familiarity with VMware and virtual machines
• Ability to write custom tools and modify existing intrusion detection tools
• Experience with Agile development methodology
• Experience with automated testing tools
• Experience with one or more of the following:
o Security COTS integration
o Security Incident Event Management
o Insider Threat Monitoring
o Operating System Hardening
o Vulnerability Assessment testing
o Identification and Authentication schemes
o Public Key Infrastructure and Identity Management
o Cross Domain Solutions
o Computer Network Exploitation (CNE)
o Computer Network Operations (CNO)
o Malware Analysis
o Reverse Software Engineering
o Security engineering Required Education:
• Bachelor’s degree in Cyber Security, Information Security, Software Engineering or a related discipline is required. [Four (4) years of experience (for a total of six (6) or more years) may be substituted for a degree.]