Analyze security event logs from network security devices (e.g., network and host-based security systems, firewalls, routers, switches) and mission-critical servers for indicators of compromise and known attack patterns; support development and dissemination of computer network defense (CND) alert and notification messages to warn customers of threats and provide guidance for countermeasures to defend against identified threats.
The Security Engineer II will, under general supervision, perform a wide variety of duties in support of technical or administrative assignments using established procedures. May assist in the preparation, presentation, and follow-up of proposals with supervision.
The candidate works in close coordination with the Network Service Operations Manager and Infrastructure Services Crew Lead, project managers, and other service area representatives to coordinate network cyber compliance and implementation efforts.
The Network Cyber Compliance Engineer will interface with CERT and IA to accelerate DISA CYBERCOM cyber security requirements by configuring and maintaining network equipment compliance with DoD guides and standards; configuring and maintaining hardware and operating system currency; as well as providing capacity utilization, technical refresh, and architecture roadmap input.
Develop and recommend security designs and frameworks for technology systems by defining process and architecture for creating secure networks, systems, and applications. Experienced in using common architectural reference models and tools such as TOGAF and SABSA.
Assist with the Information Assurance Vulnerability Management Program, to include dissemination, monitoring, and tracking of IAVM notifications to customers; review of IAVM Plan of Action and Milestones; and provision of technical assistance as required.
The Endpoint Security Engineer SMTS is primarily responsible for engineering a comprehensive endpoint security configuration. This will be accomplished through the application of industry best practices, NIST/CIS standards and an intimate personal knowledge of desktop/endpoint security principles.