Tuvli, an Akima Company, is dedicated to providing our customers with superior, integrated technology and program suppo rt services and solutions. Our systems engineering, information technology, information assurance, program support and project m anagement staff work closely with customers to ensure that our solutions are directly aligned with their business processes and desired program outcomes. We emphasize affordability, and delivering the best value for technology investments.Our personnel enjoy competitive benefits packages and challenging roles in work environments committed to innovation, diversity and opportunity for career growth. As an Alaska Native Corporation (ANC), 100% of our company's profits go back to our 14,300 I�upiat shareholders that have resided near and above the Arctic Circle for more than 10,000 years. Our business helps support their way of life and contributes to the survival of a culture that has thrived in a challenging environment.
We are seeking an experienced Security Engineer to supportsecurity operations, incident response, strategy, planning, architecture, vulnerability assessments, remediation, and coordination with various government security entities. This includes the development, implementation, administration, and operation of a wide-range of security technologies, processes, and procedures in a mission critical environment, as well as developing the supporting documentation for the activities described above.
The candidate will be responsible for maintaining Network Defense and Monitoring tools as part of a Computer Incident Response Team (CIRT).The candidate will need to have a strong knowledge of the underlying technologies that contribute to the system infrastructure, such as networking, operating systems, applications and servers, security hardware software, and how they interact.
Functional responsibilities will include:
- Development, implementation, administration, operation, and documentation of network security systems and their design.
- Creation and documentation of incident investigation and handling procedures, knowledge base articles, standard operating procedures, and policies.
- Review, implementation and testing plans to ensure system implementations meet regulatory requirements.
- Conduct analysis and audits of system components to ensure the confidentiality, integrity, and accessibility requirements of systems and data are met.
- Develop programs, scripts, or other code segments to support the operation, administration, maintenance, analysis, or audits of data and systems.
- Evaluate, install, configure, test, and update network security systems and hardware.
- Perform software security analysis for various "off-the-shelf" software solutions.
- Provide security consultation as required.
- 5 years of broad work experience including administration, engineering and security
- 3 years of experience in network and system design, access control and implementation
- Ability to work on multiple projects simultaneously and balance conflicting demands
- Strong sense of professionalism, integrity and ethics
- Ability to combine technical skills with an understanding of business needs to successfully protect assets
- Proven ability to communicate effectively, both verbally and in writing to technical and non-technical audiences
- Experience assessing and hardening security configurations for operating systems, applications and services
- In-Depth knowledge of TCP/IP addressing and standards including network design, firewall configuration, load balancing, remote access, strong authentication, vulnerability scanning, VPN and DMZ management
- Technical knowledge and experience with application security, content filtering, network protocols, access control, encryption, and 2 factor authentication technologies
- Understanding of common security protocols such as Kerberos, RADIUS, RSA, TACACS , SSL, TLS, SSH, IPSec, S/MIME, PKI and SFTP
- Ability to perform ethical hacking, penetration testing, vulnerability assessments and web application security testing using various tools and provide a summary of issues and best practice resolutions
- US Citizen with the ability to obtain and maintain a client specific Public Trust
- CISSP, SANS GIAC, security , MCSE, Linux certifications or equivalent certifications a plus
- Experience with one or more of the following technologies and skill sets is desired: Splunk Enterprise Security, Cisco FirePOWER, VMware, NSX, Cisco ACI, Snort, IDS, Red Hat Linux, CentOS, Nessus/Tennable.SC, HIPS/HIDS