Cybersecurity Engineer, SR.
HITSS, LLC. is seeking a Cybersecurity Engineer to support its federal government customer. The Cybersecurity Engineer requires information technology experience in the methods, procedures and actions required to protect and secure information systems hardware and software against malicious and damaging attacks and actions. The successful candidate should have experience or an awareness of utilizing cybersecurity tools, network topologies, and software or other intrusion detection methods. The candidate should be well-versed in Web Application Penetration and Intrusion Testing software and methods, specifically OWASP, and the deployment of safe and secure systems based on sound design and implementation techniques as guided by the Cybersecurity Engineer-Senior. Additionally the candidate should be familiar with NIST special publications, specifically NIST SP800-53. This is a full-time position located on site in Austin, TX.
- Utilize cybersecurity industry standard methods in providing secure systems.
- Scan, monitor, and report on system vulnerabilities.
- Must be able to plan and deploy countermeasures
- Work closely with the Information Security Office in surveillance of user, software and network assets for appropriate use and enterprise wide protection.
- Stay abreast of current cybersecurity trends relevant to the client’s business and system security.
- Foster an innovative and inclusive team-oriented work environment.
- Demonstrate technical capabilities and professional knowledge.
- Demonstrate ability to learn new cybersecurity techniques.
- BA or BS Management Information Systems, Computer Science, Info. Security or Engineering required, or equivalent work experience
- Ten (10) years of progressive experience in cybersecurity practices
- Eight (8) years of additional experience can be substituted for education requirements therefore a minimum of 18 years of experience without degree
- Member of Open Web Application Security Project (OWASP) and/or Information Systems Security Association (ISSA) preferred.
- Offensive Security Certified Professional (OSCP) certification is preferred.
- CISSP/CASP/CLLSP Certified Information Systems Security Professional (ISC2) is preferred
- Demonstrated experience in vulnerability scanning and related products such as Nessus, Burp Suite, AppScan, Kali Linux, and similar tools.
- Ability to review and interpret both logs and packet captures from various tools and devices including Security Information and Event
- Management (SIEM) products.
- Deep understanding of TCP/IP and Routing & Switching
- Experience with various end-point security solutions, platforms, and automation
- May be required to obtain a security clearance
- Ability to work independently and be self-directed
- Strong organizational and time-management skills
- Ability to work overtime required on occasion
- Ability to sit in an office environment for long periods of time.