Tuesday, November 28, 2023 03:43 Sign In

Senior Security Engineer

Back to Directory

Responsibilities

  • Conducts formal network application, wireless social engineering, cloud, and physical tests on DHS information systems. Wireless and Bluetooth tests are conducted on web-based applications, networks, and other types of computer systems regularly.
  • Responsible for physical security assessments of servers, computer systems, and networks
  • Conducts regular security audits from both a logical/theoretical standpoint and a technical/hands-on standpoint
  • Successfully executes network mapping to identify live hosts and active ports, protocols, and services (PPS) and analyze the results of NMAP data to identify risky PPS
  • Prepares and submits security testing Rules of Engagement (ROE) for HVA, Internal and External Threat Assessments, prior to conducting penetration testing and ensures that before conducting penetration testing and ensures that the ROE provides the operational security controls to protect both the system and network
  • Support ESOC enclave, OneNet, and RTIC through conducting scheduled and ad-hoc vulnerability scanning
  • Conduct database and web-based vulnerability assessments
  • Conducts cloud-vulnerability/penetration assessments
  • Conducts or assists with penetration testing as required by System Owner ISSM/ISSO in support of Security Controls Assessments continuously monitoring and FISMA requirements
  • Creates and publishes security-related alerts, bulletins, and notifications to all DHS HQ components based on identified software and hardware vulnerabilities and monitor for compliance
  • Provide penetrating testing summary reports in accordance with the signed ROE document to the appropriate System Owner ISSM/ISSO, Government Lead, DHS PM, and document the findings
  • Conduct penetration testing only under well-defined written conditions, agreed to in advance by the DHS Government leads, DHS PM appropriate System Owner/ISSM/ISSO, and in accordance with a signed ROE document
  • Support ESOC enclave, OneNet & RTIC through conducting scheduled and ad-hoc vulnerability scanning

Certifications

  • Certification in their respective subject area

Qualifications

  • Must have a Bachelor’s Degree in Computer Science, Mathematics, or other related scientific or technical discipline
  • Must have an active Secret security clearance
  • Must have 7+ years of relevant work experience
  • Vulnerability Tracking and Reporting
  • Internal and external vulnerability assessment
  • Ability to communicate effectively (written and verbal)
  • Knowledge of penetration testing
  • Knowledge of cybersecurity, privacy principles, and their respective organizational requirements

Location

  • This position requires the candidate to come on-site to the facility twice a week (Tuesday & Thursday), and work can be done remotely. The main facility is located in the National Capital Region within the DC Metropolitan area.

Salary

  • Salary is based on the number of years of relevant work experience the candidate has.

Please email your resume to our HR Recruiters