Blue Team Cyber Security Engineer (Senior-Level Engineer/Analyst)

Secret Required
One or more of the following desired: CEH, CISSP, Security+
Position Responsibilities:
Blue Team roles include risk assessment, detailed technical recommendations, and coordination of remediation and mitigation strategies.
Develop and perform high-speed discovery, configuration auditing, asset profiling, sensitive data discovery, compliance, and vulnerability analysis of the overall enterprise security posture. Communicate recommendations to the responsible parties, track remediation, and verify security patches and required configurations.
Analyze available security information including results of configuration compliance verification, vulnerability scans, database assessments, security and system patch information, field reports, OIG reports, and intelligence information to assess the status of remote organizations and their cyber security posture.
Support incident response, threat analysis, forensics and penetration testing teams by performing on-demand and targeted identification, compliance and vulnerability scans.
Leverage various data sources (CDM, Splunk, RSA Archer, penetration tests) to identify systemic and/or critical misconfigurations, vulnerabilities, and unresolved threats to DOS networks.
Conduct Blue Team exercises and Computer Network Defense drills in order to evaluate and improve processes related to threat detection, incident response, patching, remediation and user training.
Perform liaison activities with other bureaus and offices within the department.
Assist in the selection, implementation, support, and/or development of enterprise security tools as required.
Interface with vendor support teams to keep abreast of developments in product lines.
Develop internal SOPs and job aids. Participate in the strategic development, implementation and execution of Tactics, Techniques, and Procedures (TTP).
Daily Responsibilities:
Work closely with other groups and build working relationships to effectively complete our mission while respecting stakeholder needs and requirements.
Interact with IT operational teams to advise on, coordinate and track mitigation and remediation activities.
Formulation and creation of information security metrics for the purpose of analysis and greater enterprise security posture awareness.
Prepare reports and briefings for senior leadership related to routine and high profile vulnerability analysis.
Perform and post results of routine and on demand vulnerability assessments.
Consultation and support to other parties within the Department of State's Monitoring and Incident Response Division concerning Computer Network Defense (CND).
Required: Basic Requirements
This position supports the Department of State's Monitoring and Incident Response Division in providing Continuous Diagnostics and Monitoring (CDM) with regard to Blue Team network defense. The successful candidate will have a proactive CND mindset in order to develop comprehensive remediation strategies and strong customer service skills in order to provide technical guidance to other Department of State teams. Additionally, strong verbal and written communication skills are required with the ability to relay complex technical issues to leadership. Basic qualifications include but are not limited to:
Five to seven years of experience in information security, information technology, or related field.
Previous Blue Team experience required; previous Red Team experience preferred.
Experience developing Blue Team goals, processes and assessment methodology for effective cyber security assessments.
Proven experience developing and leading remediation/mitigation activities, and providing status updates and reports. Emphasis on remediation plans and strategies.
Ability to perform risk analysis by correlating known vulnerabilities and threats and assigning priorities to issues.
Ability to provide technical leadership and guidance to team members by utilizing cyber security policies, concepts and emerging practices to coordinate assessments.
Experience with enterprise vulnerability and compliance scanning systems.
Experience with Splunk or other enterprise level data analytics tools.
Experience with Windows Desktop, Windows Server and Linux operating systems and system administration, specifically with regard to patching and compliance.
Experience with networking hardware (routers, switches, firewalls) and configuration, specifically with regard to patching and compliance.
Understanding of networking concepts such as DMZs, subnets, VLANs, private IP addressing and NAT.
Ability to perform manual and automated analysis of systems and networks in the effort to identify, assess, and mitigate vulnerabilities to strengthen security posture.
Ability to perform a risk analysis of vulnerabilities and threats and provide risk management recommendations.
Basic understanding of the SCAP framework, with a preferred but not required capacity for alteration and editing.
Familiarity with NIST Special Publication 800-53 and CVE (Common Vulnerabilities and Exposures) standards.
Effective written and verbal communication skills, including the ability to prepare and present security assessment results to senior management.
Flexibility to adjust to new requirements and objectives as they develop.
Strong customer service skills to follow-up with clients in order to maintain project schedule.
Technical knowledge of information technology and cyber security standards and issues.
Problem-solving and resolution with attention to detail.
Strong capacity to share knowledge with other teams.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.