Government ServicesBusiness Unit:
Government ServicesRequisition Number:
United States-Virginia-RestonOther Locations:
United States-Virginia-RestonAssignment Category:
Full-time regularExperience Level:
Mid levelEducation Required Level:
Bachelor's DegreeTravel Required:
Siemens Government Technologies, Inc. is a wholly-owned subsidiary of Siemens, uniquely qualified to perform work for the U.S. Government. We are focused on enhancing the safety and
security of the nation's assets and infrastructure, as well as assisting to improve operational and energy performance.
As an independent U.S. company with its own Board of Directors, SGT maintains a unique relationship with Siemens. We are able to leverage resources of professionals world-wide with demonstrated domain expertise and proven past performance to manage large scale, mission critical programs. The future of SGT is bright. By integrating world-class people, process, products and technology, SGT is expanding its role as an important part of our nation's
We offer a highly competitive compensation and benefits package, along with the opportunity to grow your career with a well established
For further information, please visit: http://www.siemensgovt.com/ Job Description: Job Summary:
Siemens Government Technologies is seeking an individual for a position as a Senior IT Security Specialist located in Reston. VA. As a Senior Information Security Specialist you will work with the IT team in performing analysis and support in identifying and remediating security threats and incidents. The ideal candidate will have an understanding of large scale security infrastructure, network protocols, security defenses, proactive defense measure, mitigation techniques, incident response and compliance. Responsibilities:
- Identify potential IT security incidents and perform triage of incoming security threats by performing preliminary and secondary analysis of those events
- Provide analysis and support to include identifying potential threat, anomalies, and infections; assemble indicators to support conclusions, documenting findings, providing recommendations validating the events and work with the IT team to remediate the findings.
- Analyze traffic flows, system logs, Perform risk assessments and testing
- Respond to requests for and perform technical support to end users on a variety of IT and security issues.
- Conduct hardening and compliance review of Server/Client OS (DHS/USGCB, etc.), Network Devices, and other IT assets.
- Perform preliminary forensic evaluations of internal systems.
- Identify, research, and resolve technical problems
- Document, track and monitor problems to ensure a timely resolution.
- Ensure that Information Security risk assessments, deficiency analysis, system checks and audits are performed regularly
- Responsible for information security incident technical discovery, response and remediation.
- Continuously monitor the existing Information Security standards (NIST 800-53, 800-171 and FIPS 140-2).
- Protect system by defining access privileges, control structures and resources.
- Recognize problems by identifying abnormalities and reporting violations.
- Implement security improvements by assessing current situation, evaluating trends and anticipating requirements.
- Determine security violations and inefficiencies by conducting periodic audits on accounts and workspaces
- Keep management informed by preparing performance reports and communicating system status.
- Maintain quality service by following organization standards.
- Assist in maintaining security policies, standards and processes when changes are required.
- Assist in tracking security incidents and maintaining a list of them in a security incident database.
- Assist in preparing notices for distribution to users alerting them to potential security issues when needed.
- Establish and maintain information security policies and procedures to safeguard the confidentiality, integrity and availability of all corporate information.
- Assist in Compliance to ensure the security and integrity of employee, customer and company data.
- Assist in managing the development, testing, deployment, monitoring, maintenance and operations of information security systems.
- Assist in ensuring that Information Security risk assessments, deficiency analysis, system checks and audits are performed regularly.
- Assist in maintaining and monitoring of the company's Information Technology disaster recovery programs.
- Identify requirements and assist in maintaining and updating Security training development and Awareness Campaign - annual refresher training content and internal phishing campaigns.
- Must be a U.S. Citizen with the ability to obtain a DOD security clearance
- Bachelor's degree in System Engineering, Computer Science, Information Systems, Engineering Science, Engineering Management, or related discipline from an accredited college or university is required. Five (5) years' of additional experience may be substituted for a bachelor's degree.
- Minimum of five (5) years of related experience, and/or training in the field of IT security monitoring and analysis, cyber threat analysis, vulnerability analysis, or similar cyber security related field.
- Five (5) years of information security experience.
- Five (5) years of hands-on experience with any of the IDS (intrusion detections system) tools and IPS (intrusion prevention systems)
- Minimum of five (5) of hands-on experience performing traffic analysis, intrusion analysis and detection.
- Two (2) years of IT system administration experience (e.g. Windows or Linux/Unix).
- Two (2) years of experience creating or maintaining security related documentation
- Experience using enterprise security tools and technologies (e.g., Trend Micro, Websense, BIT9, Cisco Firepower, NexPose and Nessus)
- Possess the ability to recognize publicly known attack traffic patterns.
- Fundamental knowledge and understanding of TCP/IP, routing and switching. Hands-on experience using tcpdump or WireShark is a plus.
- Strong familiarity and an excellent understanding of TCP/IP and the functioning of its component protocols.
- Excellent communication skills, both oral and written
- Ability to perform periodic and AD Hoc Vulnerability scans
- Ability to assess the scan results, web applications, network configurations and recommend remediation procedures
- CISSP, CISA, GIAC or related professional certification is highly preferred.
- Security + Certification is a plus.
Candidate must be a US citizen and subject to a government investigation for a DOD Secret Level Clearance. Equal Employment Opportunity Statement
Siemens is an Equal Opportunity and Affirmative Action Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to their race, color, creed, religion, national origin, citizenship status, ancestry, sex, age, physical or mental disability, marital status, family responsibilities, pregnancy, genetic information, sexual orientation, gender expression, gender identity, transgender, sex stereotyping, protected veteran or military status, and other categories protected by federal, state or local law. EEO is the Law
Applicants and employees are protected under Federal law from discrimination. To learn more, Click here . Pay Transparency Non-Discrimination Provision
Siemens follows Executive Order 11246, including the Pay Transparency Nondiscrimination Provision. To learn more, Click here .