NetCentrics Corporation is a leading provider of enterprise systems management, solutions engineering, applications development, information assurance, computer network defense and cybersecurity for the Department of Defense, Department of Homeland Security and other federal agencies.
The Security Engineer runs and reviews all vulnerability scans of every system in the network, and maintains and updates the Nessus server. The engineer updates the vulnerability management database monthly and, after the monthly pre-scan, manually applies vulnerability patches to the servers. The engineer also creates DISA STIG scans for the OS and software that NetCentrics runs. If deemed fit, the candidate must, upon request, obtain two security certificates within the first six months.
Vulnerability Management System (VMS)
- Ensure all assets are scanned for vulnerabilities on a monthly basis
- Ensure all assets are patched and vulnerabilities are mitigated on a monthly basis (may move this to security position)
- Update VMS Dashboard, and report monthly to management
- Manually patch network servers
- Create DISA STIG scan for Windows servers and workstations to be run quarterly
- Run and review monthly vulnerability pre- and post-scans on servers, PCs, network devices and phone system
- Maintain database of monthly scan data
- Troubleshoot failed scans and failed patches
- Create Plan of Action and Milestones (POA&M) monthly
- Maintain and update Nessus scanner
- Weekly scan for malware on servers and workstations
- Create vulnerability reports
Intrusion Detection System (IDS)
- Ensure IDS system is up and operational. Identify operational issues and mitigate
- Ensure all findings are logged in SIEM
- Expand current IDS architecture to entire infrastructure
- Recommend upgrades, changes, enhancements to IDS System
- Perform all maintenance and tuning to the IDS system
- All Training for SO is on-line
Security Information and Event Management (SIEM)
- Ensure SIEM is up and operational. Identify operational issues and mitigate
- Ensure all assets are reporting logs to SIEM within 30 days. Report findings to asset owners
- Expand AIE rules to identify potential compromises and intrusions
- Create dashboards for analysts to use
- Recommend upgrades, changes, and enhancements to SIEM
- Perform all maintenance and tuning to SIEM
- Create reporting and metrics for management
- LogRhythm Training is on premise
- Justin and Dave Clarkson are resources
Incident Management and Response
- Identify/Respond to all Security Incidents
- Follow Incident Management Process
- Perform Analysis and report mitigation to leadership in an expedited fashion to minimize potential risks
- Mitigate Security Incidents
- Document all Security Incidents and provide After Action Report to leadership
- Assist with the upkeep and maintenance of all ISO Certification with regards to Security Role
- Perform any audits/tasks/projects related to ISO requirements for the Security Role
Network Taps
- Identify requirements for network traffic capture
- Recommend solution for network taps, to include implementation and cost
- Implement Network Tap solution with minimal impact to user community
- Follow Change Management Process for Network Tap implementation
Penetration Tests
- Identify requirements for external penetration tests
- Recommend solution for penetration tests, to include implementation and cost
- Implement penetration test solution with minimal impact to user community
- Follow Change Management Process for penetration test implementation
Firewalls/Switches/Layer 2 and 3 devices
- Review all Layer 2 and 3 device configurations
- Recommend changes and improvements to current configurations
- Work with IT team to reduce footprint to minimize corporate exposure
- Ensure devices are backed up and updated
Physical Security Roles—Future Job responsibilities include:
- Assist with implementing and maintaining compliance of the NIST 800-171 standards.
- Maintain the overall physical security systems for the facility.
- Review and track the overall physical security system, to ensure only authorized personnel have access.
- Assist with issuing and tracking badges, and keys, as well as tickets in the SysAid system.
- Maintain physical security documentation and files in accordance with DSS requirements and NetCentrics policies and procedures.
Be able to:
- Provide security guidance to the customer's managers and external customers. Serve as liaison between the employees and security elements.
- Research, document, and make recommendations to update and streamline security policies, processes, procedures and inspections.
- Assist the Facility Security Officer with preparing summaries of reportable information, including detailed evaluation of derogatory information, and requesting additional information if facts are insufficient to render a determination.
- Assist with preparing for and participating in DSS security reviews.
- Must have BS in Information Systems or an equivalent degree/certification or commensurate experience
- Must have a minimum of 10 years’ experience in IT
- Must have proficiency in running vulnerability scans, patching network servers, creating DISA STIG scans, troubleshooting failed scans and failed patches, and maintaining a Nessus scanner
- Ability to sit frequently (2.5-5.5 hours per day)
- Ability to talk and use hands for pushing/pulling and precise manual dexterity occasionally (0.25-2.5 hours per day)
- As a contingency to employment at NetCentrics, all candidates who are given offers must successfully pass a full background investigation including criminal history, education and employment verifications.
**In order to be considered for this position, you must apply directly through our careers site**
NetCentrics is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.