This role is responsible for protecting information systems and networks from potential cyber-attacks. The Cyber Security Engineer must display an excellent understanding of technology and utilization of Firewalls (Security Groups), VPNs, Data Loss Prevention (DPS), IDS/IPS, Web-Proxy, Security tools, and Security Audits. Candidates will work directly with Team leads, developers and operations personnel throughout a DevSecOps life cycle both on policy and technical implementation of technologies.
Primary Responsibilities:
Plan, implement, manage, monitor, and upgrade security measures and tools for the protections of information systems and networks and automate repeatable tasks in a consultative role; Design, configure, implement, troubleshoot, and maintain all security platforms and their associated software, such as firewalls (Security Groups), intrusion detection/intrusion prevention, anti-virus/malware (HBSS), cryptography systems (Vormetric), SIEM (Splunk), and MDM; Formulate systems and methodologies as well as respond to security related events and assist in remediation efforts of cyber security incidents (system and/or network breaches, malware attacks); Participate in the change management process; Coordinate, and monitor log analysis for our managed services offerings, to ensure customer policy and security requirements are met.
Basic Qualifications:
Expert with at least one of the following tools: Splunk, HBSS/McAfee, Rapid7; Expert with implementing and managing SIEM (e.g., Splunk), end-point security (IDS/IPS and HBSS); Expert knowledge of networking protocols, such as TCP/IP, LAN/WAN concepts; Expert with automation (e.g., Ansible, CloudFormation); Strong attention to detail with analytical mind outstanding problem-solving skills; Awareness of Cybersecurity trends and hacking techniques. Candidate should have a Master’s degree with 15 or more years of prior relevant experience to operate within the scope contemplated by the level.
Preferred Qualifications:
Experience with additional security tools and processes such as IDS/IPS, VPN, Webinspect, Appdetective; Experience with implementing and managing Network and Application Firewalls; Experience with incident detection, incident response and forensics activities; Experience with scripting languages (Python, Power Shell); Experience with Cloud Computing; Technologies/Amazon Web Services (AWS); Experience with Agile Software Development, AWS Certification; Experience maintaining virtual private networks, firewalls, web protocols; Experience with SAFe Agile Framework; Knowledge of potential attack vectors such as XSS, injection, hijacking and social engineering; Experience with health monitoring tools (Nagios, SolarWinds)
Candidates must possess a current TS/SCI security clearance w/Polygraph.
Equal Employment Opportunity / Affirmative Action
ATS is committed to a program of equal employment opportunity without regard to race, color, ethnicity, national origin, ancestry, citizenship, sex, pregnancy, marital status, sexual orientation, gender identity, age, religion/creed, hairstyles and hair textures, handicap/disability, genetic information/history, military/veteran status, or any other characteristic or condition protected by federal, state or local law. It is the policy of ATS not merely to refrain from employment discrimination as required by the various federal, state, and local enactments, but to take positive affirmative action to realize for women, people of color, individuals with disabilities and protected veterans full equal employment opportunity. We support the employment and advancement in employment of individuals with disabilities and of protected veterans, and we treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status.