CyberSecurity EngineerPRINCIPAL II
Dulles, VA

Job Description

All levels of Information System Security Analyst will have the skills listed below. Each level may have additional education, skill and/or experience requirements.

The Information System Security Analyst applies current technologies to the design, development, evaluation and integration of computer information systems and networks to maintain system security. May work with commercial computer product vendors in the design and evaluation of state-of-the-art secure COTS applications, operating systems, networks and database products and technology. Provides security engineering and integration services to internal customers. Involved in a wide range of issues including secure architectures, secure electronic data traffic, network security, information security and privacy. Uses encryption technology, penetration, risk management and vulnerability analysis of various security technologies and information technology security research. Develops security systems for any manual or automated systems environments. Responsible for ensuring the protection of company data against unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification. May prepare security reports.

Perform Information Systems Security Engineering functions.

Perform technical security assessment to identify points of vulnerability, non-compliance with information assurance (IA) standards and recommend mitigation strategies.

Validate and verify system security requirements definitions and analysis and establish system security designs.

Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.

Assess and mitigate system security threats/risks throughout the program life cycle.

Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.

Develop and review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content.

Apply system security engineering expertise to one or more of the following: system security design process, engineering life cycle, information domain, cross domain solutions, commercial off-the-shelf and government off-the-shelf cryptography, identification; authentication; and authorization, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, certification and accreditation process, principles of IA (confidentiality, integrity, non-repudiation, availability, and access control), and security testing.

Recommend hardware, software, and develop policies and procedures to investigate malware incidents for multiple networks.

Develop analysis and make recommendations for hardware and software that will mitigate malware intrusions.

Develop, implement and maintain the information system security posture across multiple networks

Perform analysis on large data sets.

Provide security services for certification and accreditation (C&A) requirements, including developing and maintaining information assurance documentation for all network components.

Support continuous monitoring and FISMA compliance.

Conduct bi monthly vulnerability scans and reconcile results, and report all findings.

Experience with one or more of the following: Netezza, Mantra Centrifuge, Aginity Workbech, LYNXeon Cyber Solutions, VIAssist, IN-SPIRE, CyberSource, iClass, SPSS, Max Mind, Quova, etc.

Experience with Earned Value Management Systems (EVMS), compliant with ANSI/EIA Standard 748-B required.

Establish common processes across tasks, including configuration management (CM), risk management, quality assurance (QA), etc.

Experience with ArcSight desired.

SourceFire experience required.

MANDATORY SKILLS: Ten (10) or more years of systems development experience required.

[A Masters degree in a related discipline may substitute for two (2) years of experience. A PhD may substitute for four (4) years of experience.]

Bachelors degree in Information Security, Cyber Engineering or a related discipline is required.

[Twelve (12) years of experience (for a total of twenty-two (22) or more years) may be substituted for a degree.]

DoD 8570.1-M Compliance at IAT/IAM Level II (e.g., Certified Information Systems Security Professional (CISSP)) certification required.

Cisco Certified Network Professional (CCNP), Cisco Certified Security Professional (CCSP) or similar certification required

OPTIONAL SKILLS: Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification preferred.

SourceFire Certified Professional (SFCP) certification desired.

About Avid Technology Professionals

Avid Technology Professionals, LLC (ATP) is a premiere provider of software and systems engineering, and acquisition program management services for the community. ATP is actively seeking to pursue contract opportunities with other departments and agencies in the federal government, in state governments, and in the commercial sectors. Delivered by seasoned experts in the IT field, ATP solutions adeptly address the IT concerns manifesting in both the federal and commercial sectors.

Employee Benefits

The ATP Employee Benefits package includes:

* A Supportive and Equitable Working Environment that is both Stimulating and Challenging
* Competitive Hourly Salary
* Unique Employee Success Sharing Program that allows ATP employees to Share in Company's Successes
* Automatic Approved Overtime (as long as contract permits)
* Retirement Pay (401K); 100% company paid, immediately vested with Profit-Sharing Component
* Company Medical Coverage Plans - HMO, Open Access, PPO plans
* Company Dental Plan - widely accepted, comprehensive, and flexible
* Progressive Overtime Policy
* Flexible Spending Account benefit
* Lucrative Referral Bonus Policy
* Holiday Scheduling that Coincides with Government Holidays
* Robust Professional Expenses & Training Program
* Computer Allowance
* Internet Allowance
* Short and Long Term Disability
* Life Insurance

On TWITTER

http://ja.twitter.com/AvidTecPros