Today
Secret
Mid Level Career (5+ yrs experience)
$125,000 - $150,000
IT - Security
Dahlgren, VA (On-Site/Office)
Apex Systems is seeking a skilled full-time ISSO/Systems Security Engineer to join their team in Dahlgren, VA. The ideal candidate will have a strong background in computer networking concepts and protocols, as well as network security methodologies. The ISSO/Systems Security Engineer will be responsible for identifying and mitigating vulnerabilities in security systems, conducting vulnerability scans, and applying system, network, and operating system hardening techniques.
Position: ISSO
Location: Dahlgren, VA – 4x a week onsite, 1x telework
Hours: Regular business hours
Compensation: $120,000-140,000/yr depending on experience
Job type: 6-month contract to hire
Certifications: Must have CASP or CISSP
Responsibilities
• Conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
• Conducting application vulnerability assessments.
• Identifying systemic security issues based on the analysis of vulnerability and configuration data.
• Sharing meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
• Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution.
• Performing impact/risk assessments.
Required Skills:
• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Skill in using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
• Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
• Skill in conducting application vulnerability assessments.
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
• Ability to cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Tenable Assured Compliance Assessment Solution (ACAS)
• Trellix Endpoint Security System (ESS), previously known as McAfee Host Based Security System (HBSS)
• Skill in applying host/network access controls (e.g., access control list).
• Skill in using Virtual Private Network (VPN) devices and encryption.
• Skill in securing network communications.
• Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
• Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
• Skill in performing impact/risk assessments.
• Skill to develop insights about the context of an organization’s threat environment
• Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Preferred:
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list).
• Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of network traffic analysis methods.
• Knowledge of Virtual Private Network (VPN) security.
• Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
• Knowledge of application security risks.
Position: ISSO
Location: Dahlgren, VA – 4x a week onsite, 1x telework
Hours: Regular business hours
Compensation: $120,000-140,000/yr depending on experience
Job type: 6-month contract to hire
Certifications: Must have CASP or CISSP
Responsibilities
• Conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
• Conducting application vulnerability assessments.
• Identifying systemic security issues based on the analysis of vulnerability and configuration data.
• Sharing meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
• Applying cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Troubleshooting and diagnosing cyber defense infrastructure anomalies and working through resolution.
• Performing impact/risk assessments.
Required Skills:
• Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
• Skill in using DoD network analysis tools to identify vulnerabilities (e.g., ACAS, HBSS, etc.).
• Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
• Skill in conducting application vulnerability assessments.
• Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
• Ability to share meaningful insights about the context of an organization’s threat environment that improve its risk management posture.
• Ability to cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Tenable Assured Compliance Assessment Solution (ACAS)
• Trellix Endpoint Security System (ESS), previously known as McAfee Host Based Security System (HBSS)
• Skill in applying host/network access controls (e.g., access control list).
• Skill in using Virtual Private Network (VPN) devices and encryption.
• Skill in securing network communications.
• Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
• Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution.
• Skill in performing impact/risk assessments.
• Skill to develop insights about the context of an organization’s threat environment
• Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Preferred:
• Knowledge of cyber threats and vulnerabilities.
• Knowledge of specific operational impacts of cybersecurity lapses.
• Knowledge of host/network access control mechanisms (e.g., access control list, capabilities list).
• Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Knowledge of network traffic analysis methods.
• Knowledge of Virtual Private Network (VPN) security.
• Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
• Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
• Knowledge of application security risks.
group id: apexsan
