


Certification and Accreditation Engineers

General Tasks:

Must possess the requisite skills to provide security Certification and Accreditation (C&A) support for sensitive but unclassified (SBU) and classified automated information systems within the Department of Homeland Security (DHS).
Will perform C&A functions, including researching requirements, developing C&A packages and documentation, and updating security policies and procedures.
Will perform certification/security test and evaluation (C/ST&E), including information security engineering support for the testing, integration, analysis, and review of system components in a network-centric environment.
Must be experienced in the National Institute of Standards and Technology (NIST) and DoD Information Technology Security Certification and Accreditation Process (DITSCAP). Will interface with client management, network/systems engineers, component Information System Security Manager/Officers (ISSM/ISSO), and other personnel.

Education and/or Equivalent Years of Experience

College Degree: Bachelor's degree and (8) yrs of experience
Without a College Degree: (15) years
Certifications equate to 2 years of experience

Experience preferred:

 

o 8+ years of information technology industry experience
o 5+ years of Information Assurance/Security experience
o 4+ years of Certification and Accreditation (C&A) experience
o Well versed and knowledgeable in industry standards such as NIST, DITSCAP, NIACAP,…
o Solid experience in the C&A full life cycle and have completed many C&A packages
o 3+ years of Security Test & Evaluation (ST&E) experience
o Knowledge in developing connection approval processes (CAP) is desired
o Excellent communications skills (written and verbal)
o Industry certification such as CISSP preferred
o Active U.S. Government Secret Clearance

If you are interested in a challenging, fun, exciting, and rewarding career opportunity working with smart people to deliver intelligent solutions then submit your resume to hire.me@microsysllc.com.


Intrusion Detection Systems Engineers

Task Description

The Intrusion Detection Engineer is primarily responsible for monitoring of network systems activity, recognition and documentation of exceptions, development of actions, tuning of IDS signatures, and reporting. This position will develop standard operating procedures in the area of IDS, systems and network monitoring.

Secondary job responsibilities will include assisting other staff in maintaining and building of IDS systems, installation, and administration of IDS systems and may include administration of Firewalls, content management devices, switches, and routers for the day-to-day management and maintenance of the data communications infrastructure. Over time, this position is expected to grow into a systems administration role within network services moving away from daily monitoring.

Supporting the operation, development, and implementation of Network-based Intrusion Detection Systems (NIDS) and Host-based Intrusion Detection Systems (HIDS)
Developing techniques and methodologies for identifying and dealing with “zero day” incidents
Coordinating “active response” (blocking) and automated escalation of events
Supporting cyber security forensic analysis through incident investigation, tool development for data mining and notification/alarming
Coordinating IDS activities with other organizations (CSIRC, SOC, and other organizations)

Education and/or Equivalent Years of Experience

College Degree: Bachelor's degree and Minimum 2 years experience working in a heterogeneous network/host environment, ISP environment preferred.
Without a College Degree: 7+ years experience in implementing and supporting information systems.

Experience preferred:

 

o Active U.S. Government Secret Clearance
o Deep understanding of network protocols, specifically TCP/UDP/ICMP and common computer services (web, e-mail, FTP, DNS, etc.)
o Familiarity with multiple operating systems and platforms including Windows 2K/XP, Linux (Red Hat and other flavors) and Solaris
o Experience with commercial IDS products preferably Enterasys Dragon
o CISSP or GIAC Certifications a strong plus
o Must be able to work independently and in a team environment



Incident Management Engineers

Task Description

The Technical Incident Responder will be expected to serve in a hands-on role as the primary security incident handler. The Technical Incident Responder will understand and apply knowledge of information systems security principles to network protocols, architectures, equipment, services, standards, and technology.

The Technical Incident Responder will be able to monitor and analyze data collected from firewalls, intrusion detection systems, host security and event management systems. Individuals will identify security breaches and intrusions, initiate alerts and recovery actions, and participate in Computer Incident Response Team (CIRT) activities.

This position requires a strong grasp of information security concepts and methodologies, as well as a practical understanding of perimeter defense and security principles such as authentication, authorization, and access control, and protection strategies.

Analyze and verify security event data to determine if a security-related incident is potential or is in progress, and escalate the security events signifying real verified security incidents to the Incident Response process
Monitor and review all automatic and manually generated alerts by the security event management system and/or calls and emails from users or administrators on a continuous basis
Respond, investigate, document, report on and track IT security incidents to help minimize information loss and disruption of service
Participate in the incident response team in a hands-on, technical role.
Identify the root cause of security incidents
Recommend and implement solutions for limiting the scope of the incident
Eradicate any signs of intrusion.
Work with senior management to recommend and implement additional controls to prevent future incidents.
Identify vulnerabilities that are applicable to the system and network, determine their severity and urgency, work with system owners to determine if and when corrective action will be taken, and perform necessary actions to verify that corrective actions were effective.
Analyze security violation reports for suspicious activities and patterns.
Experience with malicious code and anti-virus detections

Education and/or Equivalent Years of Experience

College Degree: Bachelor's degree and 5 years experience minimum
Without a College Degree: 10 years experience in computer system security.

Experience preferred:

 

o Active U.S. Government Secret Clearance
o Knowledge or experience of:

 

> Cisco Network Devices
> Intrusion detection systems
> Anti-virus software
> MS Windows NT/2000/XP/Active Directory
> Application and Network level security analysis
> In-depth understanding of standard Internet protocols (TCP, FTP, HTTP, DNS, and SMTP).

 

o Security certification (CISSP, GIAC) and technical certifications (MCSE, Red Hat, CCNA, CCIE) are a plus.
