Looks like a great job opportunity has turned up over at the NoVA Hackers Association’s facility host. I know several of the folks that work in their security department over there and it seems like a challenging and rewarding place to work.
ICF International (NASDAQ:ICFI) partners with government and commercial clients to deliver professional services and technology solutions in the energy and climate change; environment and infrastructure; health, human services, and social programs; and homeland security and defense markets. The firm combines passion for its work with industry expertise and innovative analytics to produce compelling results throughout the entire program life cycle, from research and analysis through implementation and improvement. Since 1969, ICF has been serving government at all levels, major corporations, and multilateral institutions. More than 3,500 employees serve these clients worldwide. ICF’s Web site is www.icfi.com.
ICF International is currently looking for a Security Engineer II with enterprise security architecture and engineering experience. This position will report directly to the Information Security Officer in the Corporate Information Technology group.
The Security Engineer II will implement, utilize and maintain security solutions related to host and network based intrusion detection and prevention, access control, system hardening, firewalls, encryption, PKI, and configuration/incident/vulnerability management. The Security Engineer II will interface with internal and external users and ICF business clients to identify, mitigate, and provide timely resolution of information security issues and events.
- Serve as an internal information security consultant to the organization
- Enforce compliance with information security policies and procedures
- Initiate, facilitate, and promote information security awareness
- Perform risk assessments and serve as an internal auditor for security issues
- Perform security assessments, penetration tests, and code reviews
- Conduct incident response and system triage
- Conduct forensic investigations of systems and network communications
- Bachelor’s degree
- At least 3 years of experience working in an environment performing information security related tasks as defined responsibilities or comparable experience conducting documented information security research is required.
- At least 1 year of experience scripting and/or programming experience (Python, Ruby,C, Java)
- Experience identifying and resolving security issues on computer systems
- Experience with log monitoring, analysis, and correlation
- Experience performing enterprise incident monitoring, response, and analysis
- Experience using commercial and open source security software such as Nmap, Nessus, Wireshark, Rapid7, WebInspect, Metaspl0it Framework, Ettercap, Burp Suite, etc
Special Job Conditions:
- Must be bondable
- Must be able to live 25lbs
- Must pass background check and drug screen
- Must be available for on-call incident response
- Must be available to work scheduled hours for position
- Must be available to work overtime if necessary to meet deadlines
- Bachelor’s degree in Computer Science, Information Systems Engineering, Computer Forensics or Computer/IT related degree
- Systems Engineering, Computer Forensics, or an equivalent amount of IT industry training and/or work experience
- Web application testing and/or development experience
- Experience conducting forensic analysis and investigations
- Experience working with databases and implementing database security controls
- Experience managing Arcsight Logger and/or Arcsight ESM
- Malware analysis and reverse engineering experience
- Familiarity and understanding of Microsoft, Apple, and UNIX/Linux operating systems
- Knowledge of current NIST and Executive security policies, standards, and regulations
- Strong knowledge of TCP/IP communication, routing protocols, and client server communication technology
- Ability to apply for and be granted a Top Secret security clearance
- Any of the following certifications:
- Microsoft: MCITP, MCTS, MCPD
- Cisco: CCNA, CCNA-Security, CCNP, CCSP
- IT Governance: CISA, CISM, GSNA
- General: CISSP, SSCP, GSEC, GISP
- Linux: RHCE, LPI
- Offensive: OSCP, OSCE, OSWP, GPEN
- Forensics: EnCE, GCFE, GCFA, GREM
- ArcSight: ACSA, ACIA, ACASA, ACAIA
- Applications: GWAPT
- Incidents: GCIA, GCIH
- Able to present a professional appearance and demeanor at all times
- Strong oral and written communication and organization skills
ICF offers an excellent benefits package, an award winning talent development program, and fosters a highly skilled, energized and empowered workforce.
ICF International is an Equal Opportunity and Affirmative Action Employer – M/F/D/V
To apply for this position please visit ICF’s Career Center and search for job number 1100002525.
Today’s post image is from NationalDefenseMegaDirectory.com.