Hello, Please note this position with Fed Agency and required Active Secret or TS or Interim clearance. Must be due to the clearance requirement. Client Federal Agency Shift and days 2 days on-site (any two Wed to Sat - 2 days tele-work) Shift 6 or 7 AM Shift - 10 hours location Sterling VA Interview Phone or web Clearance Active Secret or higher Required Skills set Pen testing, OWASP, SIEM, Burp, Nessus -Information Security Experience Six (6) years of experience in Information System Security, Cyber Security Insider Threat, or certification Accreditation. Knowledge of the latest OWASP Top 10 and SANS Top 25 vulnerabilities and the corresponding mitigation techniques. Extensive work experience and knowledge in network monitoring, and intrusion detection using host-based and network- based intrusion detection systems (IDS) and log management applications testing, installing, patching, and upgrading computer hardware and operating systems (Windows, and UNIX) in an enterprise environment identifying, collecting, processing, documenting, reporting, cyber security incident response events architecting, engineering, developing and implementing cyber securityincident response policies and procedures engineering, testing, installing, patching, and upgrading various information security hardware and software applications, Experience with tools from 3rd party vendors such as Rapid7, Qualys, Whitehat andor open source tools such as Nessus, Metasploit, Burp Suite, Arch sight, sourcefire, and Nmap. information system security, cyber security, computer forensics, vulnerability assessment and penetration testing, malware analysis, insider threat, information certification accreditation regulations, National Institute of Standards and Technology (NIST). Have experience with one or more open source and commercial testing tools a non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap Information Technology Experience Two (2) years of experience engineering, integrating, developing andor deploying information technology products (hardware and software) in an enterprise environment. Performs all aspects of intrusion detection, log and audit management, network and database vulnerability assessment and compliance management, and security configuration. Addresses problems, installs, configures, troubleshoots, and provides maintenance and training in response to customer requirements or inquires. Conducts the integrationtesting, operations, and maintenance of systems security. EDUCATION SUBSTITUTION Any combination of certificates such as Microsoftrsquos MCSE, or Ciscorsquos, CCNA, CCDA, CCNP, or CEH, may be considered equivalent to two (2) year of general experience information technology experience. The CISSP or CISM certificate may be considered equivalent to two (2) years of information security experience.
Location/Region: Sterling, VA