Systems Security Engineer
Creates cyber-intelligence tools / methods and performs research and analysis in order to mitigate and eliminate data and cyber security risks. Designs and develops acceptance criteria for cyber security architecture.
- Investigates computer and information security incidents to determine extent of compromise to national security information and automated information systems.
* Defines security objectives and system-level performance requirements.
* Researches and stays abreast of tools, techniques, countermeasures, and trends in computer network vulnerabilities.
* Configures and validates secure systems, tests security products/systems to detect computer and information security weaknesses.
* Maintains the computer and information security incident, damage and threat assessment programs.
* Responsible for the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results and preparation of required reports.
* Involved in the periodic conduct of a review of each system's audits and monitors corrective actions until all actions are closed.
* Designs, develops, or recommends integrated system solutions ensuring proprietary/confidential data and systems are protected.
* Involved in the establishment of strict program control processes to ensure mitigation of risks and supports obtaining certification and accreditation of systems.
* Reviews processes and security protocols and makes recommendations for increased cyber security protection.
Bachelor's Degree in Computer Science or a related field or equivalent experience.
Relevant Work Experience:
5-10 years of experience in systems security.
Other Job Specific Skills
- Must be able to communicate effectively and clearly present technical approaches and findings.
- Exercises a limited degree of latitude in determining technical objectives of assignments.
- Excellent attention to detail.
- Must be able to balance multiple tasks simultaneously.
- Advanced knowledge of encryption, vulnerability assessment, penetration testing, cyber forensics, intrusion detection, and incident response and remediation.