- Demonstrated broad background in information security tools, concepts and issues across a broad range of technologies including Network and Software Security, Network Penetration Testing, Web Application Penetration testing by related work experience
- Familiarity with a variety of penetration testing tools and methodologies
- Knowledge of security policy and compliance
- Experience with Network and Application Layer Firewall Technology
- Experience in system hardening, analysis, and vulnerability management.
- Demonstrate excellent verbal and written communication skills
- Must possess strong interpersonal relations and analytical skills
E2544:Info Assurance Engineer Stf
This position will provide Government, Commercial, and International Cyber Inside customers with broad spectrum Cyber capabilities, to include Certification and Accreditation (C&A) support for DoD systems, Cyber Vulnerability Assessments, penetration testing, Security Technical Implementation Guide (STIG) compliance testing, test data reduction, risk analysis and assessments, and provide fix actions or mitigation rational. This position will help determine testing criteria, develop test plans and rules of engagement, lead test events, manage customer expectations, and product test reports or analysis to customers as needed.
- Demonstrable SME level experience with two or more of the following standards/guides: Common Criteria, NSTISSIP 11, DoD8500.1, DoD8500.2, JAFAN 6/3, DITSCAP, DIACAP, RMF, JSIG, CNSSI 1253.
- Experience leading and performing Cyber Vulnerability Assessments, Penetration Testing, and Security Technical Implementation
- Practical experience configuring and administrating Host Based Security System, Splunk, ArcSight, and other network monitoring, incident response, and logging tools.
- Practical experience hardening and/or testing Microsoft Windows and Linux operating systems, Active Directory, DNS, SQL and Oracle Databases, IIS and Apache webservers and network devices, to include various switches, routers and Firewalls.
- Other desiredexperience areas: Embedded Cyber, SW Secure Coding / Analysis, OSINT Analysis experience, System Engineering / Network Engineering / Network architecture and design experience.