• Tenable Security Engineer

    Job Locations US-DC
    Posted Date 3 weeks ago(1/3/2019 1:36 PM)
    Job ID
    2019-2282
    # of Openings
    1
    Category
    *Management Consulting
  • Overview

    Acuity is looking for a Tenable Security Engineer with experience and desire for performing cyber security operations, analyzing events and responding to incidents. Candidate will join a team of engineers to perform cyber security monitoring and provide technical support for our government client in Washington, DC. You will be providing on-site expert technical support on cyber/systems security projects.

     

    Acuity is a leading management and technology consulting firm that specializes in serving the federal government. Our innovative, collaborative and rewarding work environment has earned repeat honors from the Washington Business Journal’s Best Places to Work and SmartCEO Corporate Culture awards.

    Responsibilities

    • Implement Tenable SecurityCenter and Nessus scanner.

    • Develop Nessus compliance audit files and associated conversion from DISA STIG or CIS.

    • Maintain, update, patch, and enhance Tenable SecurityCenter system to ensure optimal operational state.

    • Perform data clean up and configuration of scan jobs, asset groups, dashboards, data repositories, and reports.

    • Run ad-hoc scans, queries, and reports.

    • Identify and fix problems with scans (such as incorrect credentials, firewall blocks and failed scans).

    • Validate and maintain asset lists for scans.

    • Develop custom reports.

    • Develop new or updated compliance audit files.

    • Compile scan data for IT priority remediation and executive status presentations.

    • Manage scans from Tenable.io.

    • Define, plan, design, and evaluate information security systems and architecture.

    • Installing and updating security systems with latest vendor updates.

    • Coordinate the provision of any required regular reporting on security metrics.

    • Develop and implement information systems security policy.

    Qualifications

    Qualifications – Education and Work Experience

    • Bachelor’s Degree in Computer Science, Information Systems, Cybersecurity, or Telecommunications, or related technical or functional discipline.
    • At least 6 years of professional work experience performing IT system analysis, IT system administration, IT or cyber security operations, including hands-on experience with security tools and devices such as network firewalls, web proxy, intrusion prevention system, vulnerbility scanner and penetration testing tools.
    • Excellent analytical and problem solving skills as well as interpersonal skills to interact with customers, team members and upper management.
    • Two (2) or more years of experience in designing, architecting, and implementing security controls and securing enterprise-wide systems, applications, network, and infrastructure services.
    • Strong familiarity with Federal compliance standards such as NIST 800-53, FIPS, FedRAMP. 
    • Specialization in at least one of the following fields with four (4) or more years of experience:
    • Building and administering security devices such as network firewall, web proxy, data loss prevention systems, and intrusion prevention systems.
    • Building and administering Windows Server and Active Directory.
    • Building and administering Linux/UNIX based systems.
    • Building and administering Network devices (e.g., Cisco, Juniper).
    • Conducting dynamic web application security testing, both manual testing and utilizing application security tools to discover exploitable vulnerabilities.
    • Conducting database security assessment and monitoring.
    • Operating System Firewall configuration on Windows and Linux Systems.
    • Secure system to system communication including but not limited to RDP, WinRM, SSH.
    • System level security protocols such as IPSec, PKI, SSL.
    • Excellent written and verbal communication skills.
    • Proficiency with Microsoft Office products: Word, Excel, and PowerPoint, Visio.
    • Timely and precise organizational skills.
    • Critical and creative thinking and analytical skills.
    • Ability to multi-task in a high volume, fast-pace work environment.
    • Ability to perform effectively in a flexible, team-oriented environment.

     

    Desired Skills/Certifications (not required)

    • Hands-on experience performing continuous monitoring of system, application and network event data using tools such as ArcSight, Titus and  SourceFire.
    • SANS: GIAC GCED, GCIH, GCFA, OSCP, GIAC GOLD;
    • ISC CCFP, CSIH;
    • EC Council: ECSA, CHFI, ECIH or C|EH.
    • Hold one of the following certifications: CISSP, Security+.

     

    Clearance Requirements

    • Must be US Citizen and be able to obtain and maintain a Public Trust Suitability.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed