Cybersecurity Engineer 8/25/2016
JOB DESCRIPTIONAPPLY Job Description
Decypher is a leading integrator of professional, technology, and management solutions and services. We provide our services globally to Federal, Commercial, Local and State clients. Our employees are our most valuable asset and play an integral role in the success of Decypher and our clients. Working at Decypher is not a job, but a career where your talent and energy is respected and you can personally make a difference. Decypher invites you to join our professional team. Decypher is an equal opportunity/affirmative action employer committed to diversifying its workforce (M/F/D/V).
Decypher is seeking Cyber Security Engineer candidates to support the USDA at Riverdale, MD
* Planning and documenting the configuration guidelines of network cybersecurity components (IP addressable devices) that comprise the APHIS network infrastructure in accordance with the guidelines and direction provided in APHIS policy and by the APHIS Information System Security Program Manager (ISSPM), Deputy ISSPM, or Chief Information Security Officer (CISO);
* Providing risk-based recommendations to the government related to change requests for cybersecurity defense configurations (e.g. firewall rules, proxy exceptions, other rules, CounterAct/IDS/IPS threat assessments, etc.); [CounterAct is a ForeScout Network Access Control and asset management product, IDS refers to intrusion defense systems, IPS refers to intrusion prevention systems];
* The contractor may be asked to use state-of-the-art network practices and cybersecurity tools approved by the ISSPM, Deputy ISSPM, or CISO to develop the guidelines; this may include monitoring the availability, performance, and cybersecurity posture of the network with the installed Continuous Diagnostics and Mitigation (CDM) Program toolsets at APHIS;
* The contractor activities involve most aspects of network cybersecurity engineering technologies including Internet access, intrusion defense and detection, desktop security, remote access services, network management, secure USGCB configuration, and troubleshooting of cybersecurity resource configurations on such devices as Intrusion Detection/Prevention Sensors, Firewalls, Virtual Private Networks (VPN), and Secure Socket Layer (SSL) links;
* Work may involve planning, analysis, documentation, and compliance with information systems cybersecurity programs, policies, procedures, standards, and tools, especially those associated with the CDM Program;
* The contractor shall follow the APHIS Change Management protocols and policies in place;
* All network cybersecurity engineering designs will be coordinated as appropriate within the APHIS governance and System Development Life Cycle (SDLC) models, and must be approved by the ISSPM, Deputy ISSPM, or CISO as appropriate;
* Other general cybersecurity engineering activities as required by the Agriculture Security Operations Center (ASOC), the USDA CIO, DHS, or OMB.
* Experience with cybersecurity engineering for the federal government, including remediation strategies for vulnerabilities and cyber incidents and in providing guidelines and recommendations for detection and prevention;
* Subject matter expertise in creating and documenting engineering guidelines for engineers, software developers, and operational personnel that comply with the latest appropriate guidelines, including FISMA, DHS, CDM, OMB, and NIST guidelines;
* Ability to write and illustrate clear, understandable technical configuration guideline information for IP addressable devices such as firewalls, gateways, switches, servers, workstations/laptops and mobile devices;
* Certified Advanced Security Practitioner (CASP) certification; certifies critical thinking and judgment across a broad spectrum of security disciplines and requires implementation of clear solutions in complex environments;
* CSSLP - Certified Secure Software Lifecycle Professional desired, but not required; in lieu of CSSLP, candidate may simply have 3-5 years experience in developing cybersecurity software development guidelines to bake cybersecurity into code from the ground up; Note: no actual programming skills are required;
* Experience with MS Office tools such as Visio, Word and Excel;
* Experience with cybersecurity tools, such as, but not limited to, Splunk, CounterAct, SolarWinds, Bro, Cisco IPS/IDS, and Trustwave.
* 5-7 years of experience in cybersecurity engineering for the federal government.
* Subject matter expertise in creating and documenting engineering guidelines for engineers and operational personnel that comply with the latest appropriate guidelines, including FISMA, DHS, OMB, and NIST guidelines.
* Ability to write and illustrate clear, understandable technical configuration guideline information for IP addressable devices such as firewalls, gateways, switches, servers, workstations/laptops and mobile devices.
* Experience with MS Office tools such as Visio, Word and Excel,
* Experience with cybersecurity tools, such as Splunk, CounterAct, SolarWinds and Trustwave.