Information & Network Security Engineer
*This role DOES require a Federal Security Clearance
*PA Residency is required
JOB PURPOSE AND SUMMARY
This position is responsible for all aspects of information security within the Agency, including the proactive monitoring of all information technology assets for potential security issues as well as the application of security best practices to mitigate risks within the organization. This position is responsible for identifying new security requirements and technologies and for leading the complex security projects with minimal oversight from management. This position performs at a moderate level of complexity with a high level of proficiency under general supervision.
Manage and support the security technologies within the team's jurisdiction (to include defensive and offensive security solutions on the perimeter and internal networks such as firewalls, intrusion prevention, data loss prevention, etc.).
Perform and review vulnerability scans and penetration tests, and assist the peer Digital Technology Solutions (DTS) teams with security best practices in their respective areas.
Identify information and network security weaknesses and provide appropriate solutions in the Agency's blended cloud and on premise architecture.
Research, design, participate in or lead the implementation of low to moderate complexity security initiatives.
Perform ongoing oversight of the vulnerability and security patch management programs.
Deploy and administer vendor and internally developed software and procedures to address security requirements.
Monitoring and processing of configuration change requests and service desk tickets.
Under guidance of senior information and network security engineers and security architects, work to identify threats and vulnerabilities, and collect, correlate, and analyze data to detect actual or potential unauthorized access to the agency's networks and systems in the Agency's blended cloud and on premise architecture.
Resolve issues by taking the appropriate corrective action or by following escalation procedures.
Monitor for and identify deviations from security policy and demonstrated practices and report on risks and exposures needing remediation. Communicate and collaborate with subject matter experts to determine mitigation strategies and recommend remediation solutions and timelines.
Experience with vulnerability management using Nessus Manager, Nessus Scanner and Tenable.sc.
Experience with endpoint protection products such as Trend Cloud one, Microsoft Defender, ATP, Bitdefender or similar is preferred.
Provide support and evidence collection for internal and external audits.
Minimum qualifications: Bachelor's degree with two to five years of relevant work experience in information security administration or any combination of training, experience and/or certifications.
Proficient with the implementation of security principles, risk assessment policies and standards, information security best practices, products and technologies, defense-in-depth strategies, and network technologies.
Knowledge of the National Institute of Standards and Technology (NIST) security controls family and guidance (especially NIST SP800-53).
Knowledge and experience in several of the following areas: access control, application development, database, encryption, network, mainframe, security controls, server hardening, and server patching technologies.
Demonstrated effective skills with time management, prioritization, and attention to detail.
Demonstrated analytical, critical thinking, and organizational skills.
Possess a high level of integrity and ethics.
Proficient in Microsoft Office suite.