Enable job alerts via email!
DHS HSEN – Senior Security Tools Engineer
Versar
Washington
Remote
USD 80,000 - 130,000
Full time
Boost your interview chances
Job summary
An established industry player is seeking a Senior Security Tools Engineer to enhance security monitoring within a vital network. This exciting role involves managing a range of security tools and ensuring their optimal performance, as well as collaborating with a talented team of engineers and specialists to fortify the network's defenses. The position offers the flexibility of full-time telework, allowing you to work from anywhere while contributing to critical cybersecurity initiatives. If you are passionate about cybersecurity and eager to make a significant impact, this opportunity is perfect for you.
Qualifications
- 6+ years of experience in IT Services focusing on cybersecurity.
- Strong experience with SIEM and SOAR tools required.
Responsibilities
- Administer and maintain security tools and devices within the cybersecurity infrastructure.
- Support SIEM applications for data collection and aggregation.
Skills
Education
Tools
Job description
BayFirst Solutions, a subsidiary of Versar, Inc., is seeking a Senior Security Tools Engineer to support the DHS’ Homeland Security Enterprise Network (HSEN) within the Office of the Chief Information Officer (OCIO), IT Operations, Enterprise Engineering Division (EED). This Security Tools Engineer will be a member of a high functioning team of network and security engineers, data center specialists, and stakeholder groups, such as the DHS Network Operations Security Center – Cyber (NOSC-Cyber), ISSOs, and industry vendors, working to continually strengthen and secure HSEN and its data.
The candidate’s primary responsibilities are to provide for enhanced security monitoring and to own the creation, documentation, and administration to a category of security hardware and software to include tool areas like Data Migration Assistant (DMA), Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), malware analysis, forensics, encryption, continuous monitoring tools, and incident and case tracking and ticketing.
This role is eligible for full-time telework.
- Provide support for the administration, maintenance, configuration, patching, upgrades and optimization of security tools, devices, application systems, and servers and sensors within the cybersecurity infrastructure.
- Maintain SIEM applications to collect and aggregate IDS and IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements, and other security‐relevant devices.
- Support and evolve the interfaces between network, SOC, and systems information into the SIEM tool using information from the Information Assurance Compliance System (Xacta) and input from ISSOs; perform asset categorization and prioritization.
- Ensure tools administration with disaster recovery and fail-over procedures in place for security tools, databases, server roles to include but not limited to: DNS, Adm, Remote desktop, Active Directory, DNS, Remote Desktop, Domain Tools, Infoblox DNS Threat Analytics, DbProtect, Venafi, RedSeal, Burp Suite Pro, Suricata, SAVScan, NetWitness, ArcSight, FireEye, Swimlane, Splunk, Grafana, Crowdstrike, Wireshark, Broadcom Bluecoat, Sophos, Palo Alto MineMeld, Palo Alto DLP, Mcafee (ePO, DLP), Volexity, Symantec Endpoint Protection, ProofPoint, O365 DLP, FireEye (EX, HX, NX), CA PAM, Thycotic Secret Server, Sailpoint, RSA Archer, Tenable/Nessus, Tanium, and EnCase.
- At least six (6) years of professional experience in an IT Services environment, providing technical support with emphasis on cybersecurity and security tools.
- Demonstrated experience with network and security management tool suites, with an emphasis on SIEM and SOAR solutions.
- Knowledge of deploying, developing and maintaining in a virtual environment.
- Strong tools customization and integration skills, database, scripting and web front-end experience.
- Working knowledge of a variety of security / networking technologies to communicate and collaborate on issues and solutions with other engineers.
- Strong knowledge of IT security related to networks and applications.
- Must be resourceful in learning a very complex and dynamically changing network.
- Must be a self-starter, able to work independently, and able to manage time effectively.
- Working knowledge of cloud platforms such as AWS, Azure.
- Past experience working in a fast-paced SOC or NOC environment is a plus.
- Ability to communicate effectively with all levels of an organization from engineering, operations, and management.
- U.S. citizenship required and eligibility for a DHS EOD is required to be considered for this position.
BA or BS (Cyber Security, Computer Science, Information Systems, Software Engineering, Computer Engineering, or related field); relevant experience may be a substitute for education.
- Certification involving cybersecurity.
- Comptia Security+.
- Splunk.
- Swinlane.
- Knowledge of at least one programming or scripting language (ex. Python, PowerShell, PHP, Perl).
- Windows/Linux experience.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
