IT and Cyber Test Support Senior
Arlington, VA

Job Description

We are looking for an Application / Web Security Engineer who possesses a very strong and broad background in IT Security to include application / web security. This engineer will provide security architecture and engineering expertise across agency initiatives to ensure a secure enterprise that includes internal systems, cloud services and external/third-party service provider systems. Additionally, the individual will perform research, evaluation and engineering of security technology, products, and solutions designed to safeguard, monitor, and assess the security of an organization's IT assets.

* Must have strong experience with open source programming languages (Python, java, django, PHP);
* Must have strong experience of application security best practices, standards, including OWASP;
* Must have experience performing web penetration testing or vulnerability assessments;
* Must possess experience installing, configuring, tuning/operations of file security, web application security tools including firewalls, and database security tools.
* Understanding of Ethernet networking and components;
* Understanding of web protocols;
* Database security and network security experience is a plus.

Qualifications and Education/Certification Requirements
Professional Experience: 5-7 years
Minimum/General Experience : Two years of experience providing network security services with an additional year of experience with general information technology support. Network security services experience should include a working knowledge of at least three of the following networking and network security devices/software: routers, firewalls,encryption, network and/or host based intrusion detection, intrusion prevention,security information management, anti-virus, vulnerability management, and patch management.
Functional Responsibility : Responsible for providing intrusion detection, prevention, and network security monitoring support for a variety of security technologies.
Minimum Education and Experience : B.A. or B.S. in related field with two years network security services experience.Degree may be substituted with three additional years of network security services experience.

Possess the following experience:

* Proficiency with Windows and Linux Operating Systems
* Detailed knowledge of open source application security programming languages and best practices/frameworks (OWASP)
* Detailed technical knowledge of database and operating system security
* Thorough understanding of latest security principles, techniques, and protocols
* Create new ways to solve existing enterprise security issues
* Ability to translate tactical issues and address them from a strategic perspective.
* Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
* Awareness of current information security and privacy issues and the ability to interpret the requirements of relevant policies and standards set forth in OMB memoranda and NIST documentation,specifically, 800-37, 800-53A, FIPS-199/200, and 800-30.
* Ability to assess and weigh current and evolving security and privacy risks in an operational environment.
* Proven problem management skills with the ability to think critically. Must be able to leverage technology and apply critical thinking to gather, aggregate,and analyze data, and present results to senior clients.
* Ability to work effectively in a team management environment and participate in collaborative initiatives which foster the mutual exchange of knowledge and expertise.
* Ability to make decisions and resolve problems effectively - Seek out information and data to evaluate, prioritize and formulate best solution or practice.
* Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
* Demonstrate leadership and foster collaborative team approach - interacts well with front line and senior management providing consultation and expert advice on information security related topics.
* Effectively navigate political landscape and build and strengthen relationships at all levels to include other divisions and government vendor partners.
* Strong presentation and consulting skills.
* Must be able to develop meeting agendas and materials as well as facilitate meetings with the client.

Strong verbal and written communication skills are required.Effective ability to effectively interact with various levels of senior management is necessary. Candidates must possess strong client interfacing and interpersonal skills. Candidates must be fluent in the English language.

Candidates may be asked to provide a writing sample.

Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be clearable to Public Trust.