Security Analytics System Engineer

The Security Analytics System Engineer supports a Civilian Agency Cyber Security Operations Center (SOC) organization protecting the network security of tens of thousands of users. The work site is located in Leesburg, Virginia.

The Security Analytics System Engineer is expected to perform the following duties:

• Plans, conducts and oversees highly complex projects or major phases of significant projects; performs security network engineering efforts.

• Conducts investigations and tests of complex security software systems to enhance performance or investigate and resolve matters of significance.

• Reviews completion and implementation of technical products to ensure success and timeliness.

• Reviews literature, and current practices relevant to the solution of more complex network security projects.

• Recommends corrections in complex technical applications and analysis to enhance performance.

• Acts as the initial contact with vendors on more complex projects to provide required products or services.

• Provides leadership and work guidance to less experienced personnel.

• Provides technical consultation to other organizations; interacts with senior customer personnel and internal senior management.

• Provides the customer base with first level support.

• Performs comprehensive security assessment of all designs within all enterprise networks, advises senior level executives of network vulnerabilities, and develops procedures and policies to rectify.

• Any other duties as requested by the Contracting Officer Representative and SOC management.

Qualities/Additional info: The Security Analytics System Engineer should be a proven team player with excellent oral and written communication skills and a fine attention to detail. He/she should also be a self-starter, capable of working on projects independently if required. Extremely effective oral and written communication skills are necessary to present strategy, architecture and status information to the client in both formal and informal review settings. Frequent interaction with the government client is required. Occasional local travel. Infrequent (<5%) local travel, infrequent (<5%) long distance travel.

Required Education and Experience:

- Bachelor's degree in Computer Science or Information Systems.

- Minimum ten (10) years of relevant professional experience in engineering, network security analysis or OS programming.

- Minimum six (6) years of Computer Network Defense (CND) experience.

- Experience with Enterprise Sensors (Sourcefire, SNORT, Cisco, ISS, McAfee, etc.).

- Experience with IDS/IPS custom signature creation and deployment.

- Experience with full packet capture and DNS technology and concepts.

- Experience with network principles, routers, switches, firewalls and VPN technologies.

- Experience writing policies, procedures, and TTPs.

- Experience composing presentations and briefing senior management.

- CISSP, CCNA, Security+ and/or relevant Certification.

- Minimum eight (8) years of experience in network security.

Preferred Experience:

- Development experience with a programming language, especially the following: C, C++, Java, with additional familiarity in languages such as Ruby, Perl, Python, and SQL.

- Experience with information security devices (e.g., firewalls and intrusion detection/prevention systems) and applications (e.g., security information management tools like ArcSight).

- Experience with NAC and web proxy solutions (ForeScout, BlueCoat, etc.).

- Strong analytical and creative problem solving skills to resolve highly complex software design issues and create new software.

- Good leadership skills to mentor, oversee, and lead team members.

- Strong interpersonal skills to interact with senior customers, management and team members.

- Strong communication skills to interact with team members and senior support personnel.

- Experience working in a network security environment, such as a Security Operations Center (SOC), Computer Emergency Response Team (CERT), Computer Incident Response Team (CIRT), Computer Incident Response Center (CIRC) or Cyber Security Incident Response Center (CSIRC).