Cybersecurity Engineer [JOB ID 20230918-MD]
Phoenix Cyber is looking for a Cybersecurity Engineer/Tool Lead to join our client delivery team. This position is onsite at the client location in Rockville, MD.
- Previous management and administration experience in Splunk SaaS, Splunk Enterprise Security, Splunk SaaS UBA, CrowdStrike, Tenable SC, Tenable IO, Forescout, Zscaler, BigFix, MS360, and EnCase for forensic investigations, FireEye, Cortex XSOAR, Cortex XDR, Prisma Access, Symantec Endpoint Protection (SEP), MSP360, Okta, Panorama, Armis
- Previous SIEM management experience
- Managing data onboarding with enterprise environments
- Clear communication on findings and/or new rule logic to teams and leadership
- Experience working with VMware
- Experience managing and deploying EDR applications on large-scale environments.
- Analyze system vulnerabilities using Tenable scans and STIG Viewer. Remediate high and critical vulnerabilities.
- Install and configure centralized Symantec Endpoint Protection Server. Manage systems through the Management console, ensure systems are up to date with the latest virus definitions, and troubleshoot any antivirus-related issues.
- Assist in supporting the full system engineering life-cycle, including requirements analysis, design, development, test, implementation, maintenance, integration, and documentation of SOC infrastructure and SOC tool suite
- Installing, configuring, monitoring, and troubleshooting network security solutions and related monitoring tools including L2/L3 network security devices, IDS/IPS, Full packet capture, DLP, Endpoint (AV, DLP, Endpoint Detection & Response), and infrastructure supporting SIEM (Splunk).
- Responsible for supporting LAN/WAN security solutions including creating and maintaining LAN/WAN security standards and design documentation
- Develop and assist with new LAN/WAN security applications and hardware as assigned.
- Ability to script in one or more of the following computer languages: Python, Bash, or PowerShell
- Strong written and oral communication with the ability to communicate with team members, management, and the customer.
- BS degree in Science, Technology, Engineering, Math or related field and 1+ years of prior relevant engineering experience supporting SOC or NOC environments.
- Knowledge and experience engineering the following technologies: Firewalls, VPN Solutions, Web Application Firewalls, and Content Filtering.
- Advanced working knowledge of the following: encryption algorithms, secure communications, SIEM technologies, and embedded systems security.
- Network and data communication protocols. Familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
- Network based IDS/IPS and full packet capture technologies along with affiliated modes of operation.
- Network Security Architecture Development.
- Experience performing gap analysis, identifying new tools and/or required upgrades based on ROI.
- Ability to pass a government background investigation
- Ability to learn and support new systems and applications
- Red Hat, Cisco or Microsoft, Security+, or Network+ certifications
- Cisco Hardware and Storage
- Expertise in Networking, Linux and Windows
- Sourcefire (Snort) or RSA Security Analytics (network) experience a plus
Phoenix Cyber is a national provider of cybersecurity engineering services, operations services, sustainment services and managed security services to organizations determined to strengthen their security posture and enhance the processes and technology used by their security operations team.
Phoenix Cyber is an equal opportunity employer and complies with Executive Order 11246, Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veteran's Readjustment Assistance Act (VEVRAA), all amendments to these regulations, and applicable executive orders, federal, and state regulations. Applicants are considered without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, and/or veteran status.
Phoenix Cyber participates in E-Verify to confirm the employment eligibility of all newly-hired employees. To learn more about E-Verify, including your rights and responsibilities, go to https://www.e-verify.gov/