National Cyber-Forensics & Training Alliance

NCFTA Career Opportunities

The National Cyber Forensics & Training Alliance (NCFTA) brings public and private industry together to research and identify current and emerging cyber crime threats globally.  Our organization strives to achieve professional and technical excellence, build lasting professional relationships and make a difference in society.  We hire employees who are passionate about what they do and we promote a culture of integrity and hard work.  For further information see www.ncfta.net.

Network Security Engineer

We are currently seeking a candidate with a strong background in information security and hands-on experience in various networking technologies. Experience with the following is required, including but not limited to: firewalls, VPN, intrusion/extrusion detection, vulnerability and risk assessment tools, encryption technologies, virus/worm prevention, web application technologies, application communication and security controls, two-factor authentication, common Windows (desktop and server) platforms, various UNIX platforms, TCP/IP, SNMP, and miscellaneous security-related toolsets.  Experience in continuous monitoring, alerting, integration, logging, scripting and a layered, multi-pronged approach to security is desired.

This position will be responsible for:

  • Design, oversight, implementation and ongoing support of security solutions for an operational environment deployed across multiple sites, and day-to-day network and network security operational support
  • Integration and operation of solutions for network and host based intrusion detection and prevention, log aggregation, security information and event management, network management and operational monitoring
  • Oversight and briefings to project teams on industry best practices for implementing network security and ensuring adherence to corporate policy and standards
  • Overall corporate security, controls, monitoring, alerting and best practice adherence end to end on all systems, devices and technologies
  • Building best practices for security throughout organization

Qualifications/Requirements:

  • Must be able to pass a background check
  • 3-5+ years of network security in a server/data center environment
  • Administer network and computing devices/systems that enforce security policies and audit controls in a multi-technology environment
  • Formulate, design, implement and support security architectures that adhere to security contractual requirements for supporting ISO 27001, FISMA and other security standards architecture
  • Must be able to perform hands-on support for a wide range of security technologies including, but not limited to: SIEM, IDS/IPS, Mobile Security, data at rest/in-motion encryption, malware protection, content filtering, logical access controls, identity and access management, data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software, security incident response
  • Experienced with integrating and understanding net flow data
  • Network security certifications or extensive working experience a must (Cisco CCNA, CCNP or CCSP)
  • CISSP, CEH or related certification a plus
  • Excellent network troubleshooting skills are critical – experience using multiple tools, i.e., packet captures, analysis and a methodical approach to root cause and resolution
  • Conduct risk assessments, penetration tests and diagnose internet/extranet security, intrusion attempts, and preventative measures and tools in place to thwart a security breach externally and internally
  • Research emerging technologies in support of security enhancement and development efforts
  • Solid networking experience, including VPN, IPSec, DNS, DNSSEC, BGP
  • Experience deploying solutions into an enterprise scale production environment
  • Experience with log aggregation, monitoring and alerting (NAGIOS X1, UBUNTU) and SIEM tools (McAfee ESM, Nitro, Splunk)
  • Experience or working understanding of host based IDS/IPS (i.e. SNORT)
  • Facilitate and coordinate remediation of fixes, patches, and disaster recovery procedures in the event of a security breach
  • Must work creatively and analytically in a problem-solving environment

Preferred Qualifications:

  • Bachelor’s Degree in Computer Science or related field; or equivalent post high school education and/or work related experience.
  • Strong programming skills in at least one language on a Linux platform
  • Experience in working with compliance and regulatory program requirements.
  • Experience analyzing network, event and security logs, and/or IDS alert logs.
  • Proven project management and organizational skills, specifically managing multiple concurrent projects and multiple technologies
  • Excellent analytical, problem solving and decision making skills, applied with a solution-focused attitude
  • Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy and explain technical details in terms everyone understands
  • Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism
  • Excellent teamwork skills

 

NCFTA Cyber Alerts

FBI looks for partnerships to counter Cyber threat

Government Security News
Mueller pointed to the National Cyber Forensics and Training Alliance as a model for private industry and law enforcement collaboration.

Press Release: Pennsylvania Governor Tom Corbett, FBI, Department of Homeland Security, and United Kingdom Officials to address government and industry collaboration on fighting cyber threats

FOR IMMEDIATE RELEASE. Contact: Fleishman-Hillard, Alex Kepnes, 703-575-8900. Forum to Focus on Steps Industry and Government Must Take to Address Cyber Threats at National, State and Local Levels [...]

Tax Refund Spam

Individuals should be wary of emails concerning tax refunds. Fraudsters consistently send spam that appears to be from the IRS and financial institutions and contains a link to a phishing website and/or malware, typically during tax season in the US. Fraudsters then attempt to either socially engineer potential victims and/or infect their computers in order to gain [...]

Email Compromise and Wire Fraud

The NCFTA, along with its law enforcement and industry partners, has observed that cyber criminals are gaining access to compromised email accounts and leveraging the relationship between the email account holder and their financial advisor to request unauthorized wire transfers. The criminals either use the existing email address or slightly change the email address by adding or supplementing a letter or number. The criminals then typically attempt to socially engineer the advisor through stories of hardship or loss in order to justify the wire transfer.

Once the criminals have verified the amount in the account, they request that funds be sent to bank accounts in the US, Australia, and Malaysia. Some of the funds sent to US and Australian accounts have ultimately been sent to Malaysian accounts. Some of the money mules were recruited by romance scams on dating websites. Banks, brokerage firms, and credit unions of all sizes have been affected by this scam.

Please see http://www.ic3.gov/media/2012/EmailFraudWireTransferAlert.pdf for additional information on this scam and guidance on how to report such incidents to law enforcement.
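One way to screen for the altered-address variant described in this alert, shown as an added example that is not NCFTA code: compare each sender against the client addresses on file and flag near matches. The address list, sample senders and two-edit threshold are assumptions; a request sent from the genuine but compromised account matches exactly and has to be confirmed out of band.

```python
# Added example: flag sender addresses that nearly match a client address on file.
# KNOWN_CLIENTS, SAMPLE_SENDERS and max_dist=2 are constructed/assumed values.

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute) using two DP rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop a character
                           cur[j - 1] + 1,             # add a character
                           prev[j - 1] + (ca != cb)))  # swap a character
        prev = cur
    return prev[-1]

def classify_sender(sender: str, known: list, max_dist: int = 2) -> tuple:
    """Return (verdict, closest_known_address, distance).

    verdict is "known" (exact match), "lookalike" (1..max_dist edits away
    from an address on file) or "unknown" (no address on file is close).
    """
    s = sender.strip().lower()
    best = None
    for addr in known:
        k = addr.strip().lower()
        if s == k:
            return ("known", k, 0)
        d = edit_distance(s, k)
        if d <= max_dist and (best is None or d < best[1]):
            best = (k, d)
    if best is not None:
        return ("lookalike", best[0], best[1])
    return ("unknown", None, None)

KNOWN_CLIENTS = ["jane.doe@example.com", "r.smith@example.org"]  # constructed
SAMPLE_SENDERS = [                                               # constructed
    "jane.doe@example.com",      # address on file
    "jane.doe1@example.com",     # digit added
    "jane.d0e@example.com",      # letter replaced by a digit
    "someone.else@example.net",  # unrelated sender
]

if __name__ == "__main__":
    for sender in SAMPLE_SENDERS:
        print(sender, "->", classify_sender(sender, KNOWN_CLIENTS))
```

A "lookalike" verdict on a wire-transfer request is the case to hold for a call-back to the phone number already on file.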