Share this Job

Senior Security Engineer

Apply now »

Date: Jul 26, 2022

Location: Sterling, VA, US

Company: NTT DATA Services

Req ID: 198988 

NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Senior Security Engineer to join our team in Sterling, Virginia (US-VA), United States (US).

The Senior Security Engineer supports one or more of the following cybersecurity related functions, information security, incident response, cybersecurity, user activity monitoring, computer forensics, Security Planning Assessment &Authorization (SPAA), vulnerability assessment and management, network data capture, intrusion detection, log management, auditing, security incident and event management (SIEM), and penetration testing.  Personnel assigned to this role will serve primarily on the Security Engineering Team. This role is responsible for coordinating with other internal teams, sections or divisions within the organization.

 

Duties for the Senior Security Engineer include the following:

  • Engineers, architects, implements, deploys, maintains, and administers security products and tools.
  • Conducts research, evaluates, and makes recommendations on emerging technology.
  • Conduct cyber assessment activities including threat modeling, analysis and analysis of mitigation solutions.
  • Coordinate and address supply chain management concerns.
  • Coordinate with system architects and developers to provide oversight in the development of solutions and integration of security tools.
  • Conduct security testing and evaluation during the development and release
  • process for security tools and hardware (virtual or physical)
  • Reviews, and interprets Federal guidelines and policies, and industry standard best practices.
  • Provides subject matter expertise, support, leadership, and training.
  • Provides support on all information security activities at the program level including policy development, compliance inspections, audits, reviews and communications security.
  • Provides support and works on the development phases of information security systems development lifecycle.
  • Evaluates, and supports the documentation, validation, and SPAA processes, necessary to meet the organization’s IA requirements; and ensures compliance from internal and external perspectives.
  • Conducts assessments of threats and vulnerabilities pertaining to security tools and architecture, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations.
  • Documents incident correlation requirements, selects incident correlation engines and recommends configuration guidelines. Performs analysis to determine the optimum configuration of network and host sensors.
  • Conducts the integration/testing, operations, and maintenance of systems security.
  • This analysis includes traffic load analysis, performance impacts of monitoring, determination of potential attack characteristics based on mission and infrastructure, and determination of site-specific data collection requirements.
  • Provides system operation support, administers hardware and software inventory, and oversees administration of a laboratory environment.
  • Analyzes and recommends resolution of information security problems based on knowledge of the major information security products and services, an understanding of their limitations, and a working knowledge of the disciplines of information security.
  • Conducts research and develops security policies relevant to client environment and analyzes outside security information for relevance to DEA.
  • Installs, and upgrade computer hardware and operating systems (Windows, and
  • UNIX) in an enterprise environment.
  • Additionally, engineers are expected to be able to perform the duties of the cybersecurity analyst positions as requested by the COR/GPM.

 

Basic Qualifications:

  • Minimum of six (6) years’ experience Information System Security, security engineering and integration computer forensics, insider threat, or SPAA, to include:
    • Minimum of three (3) years demonstrated experience performing architecting, engineering, integrating, developing and/or deploying information technology products (hardware and software) in an enterprise environment. Experience with the software development lifecycle and integration of security tools.
    • Experience using some/all of the following tools: SourceFire, ArcSight, Splunk, NetWitness, Guidance Software, Digital Guardian, Raytheon (SureView), NMAP, Metasploit, Request Tracker, Nagios, Intelliview, Nessus, and Foundstone
  • Bachelor degree from an accredited college or university in one or more of the following disciplines or equivalent (documented formal training): computer science, information systems analysis, science/technology, information management, computer engineering, or electrical/electronic engineering; 4 additional years of experience and an Associate’s degree or 8 additional years of experience may substitute for a degree.
  • Secret security clearance (position may require upgrade to Top Secret clearance)

 

Preferred Qualifications:

  • Top Secret security clearance
  • Master’s degree in computer science, information systems analysis, science/technology, information management, computer engineering, or electrical/electronic engineering; 4 additional years of experience and a Bachelor's degree will substitute for a Master's degree
  • Any combination of security engineering experience in the following areas.  Qualys, Splunk (CORE, UBA, ES), Tenable SC, Digital Guardian or like UAM tools, VMware (ESXi, vSphere, etc.), Nagios, Science Logic, EDR platforms (Counter Tack, CrowdStrike, FireEye), Intelliview, Networking, Infrastructure and Architectural experience, Linux, Vectra, NAS/SAN (NetApp, EMC), Cisco Fire Power, and the ability to learn new tools and suites of products.
  • Splunk fundamentals
  • Splunk CORE experience
  • Splunk ES  experience
  • Splunk Administration experience backend/front end
    • Dashboard creation 
    • Onboarding system owners
    • Standing up Indexes, Heavy forwarders, Universal forwarders, configuring Key value pairs
    • log requirement validation
  • Familiarity with conversion to a Splunk clustering, etc.

 

Substitutions:

  • Any combination of certificates such as Microsoft’s MCSE, or Cisco’s, CCNA, CCDA, or CCNP, may be considered equivalent to two (2) year of general experience. Certificates under the DoD IAM, IAT, IASAE, or CSSP Levels II or III may be considered equivalent to two (2) years of relevant experience.

 

Federal Job Posting Language (eff. 1/24/2022)

Candidates for this position will be required to adhere to NTT DATA’s and its clients’ COVID-19 health and safety protocols. NTT DATA is committed to complying with the Safer Federal Workforce Task Force COVID-19 Workplace Safety Guidance for Federal Contractors and Subcontractors to the extent it is enforced by the federal government or any of its clients. If this position becomes subject to a COVID-19 vaccination mandate based on applicable law or client requirement, candidates will be required to become fully vaccinated as defined by NTT DATA or be approved for an exemption in accordance with applicable law.

 

About NTT DATA Services

NTT DATA Services is a global business and IT services provider specializing in digital, cloud and automation across a comprehensive portfolio of consulting, applications, infrastructure and business process services. We are part of the NTT family of companies, a partner to 85 % of the Fortune 100.

NTT DATA Services is an equal opportunity employer and considers all applicants without regarding to race, color, religion, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic protected by law. We are committed to creating a diverse and inclusive environment for all employees. If you need assistance or an accommodation due to a disability, please inform your recruiter so that we may connect you with the appropriate team.


Nearest Major Market: Washington DC

Job Segment: Testing, Computer Science, Network, Cloud, Systems Analyst, Technology