Security Engineer, Principal Subject Matter Expert (Tier Iii)

Who We Are

NetCentrics proudly holds a distinguished position as a leader in cybersecurity, cloud, digital transformation, and mission support. With an esteemed clientele that includes the DoD, DHS, Federal Civilian Agencies, and the Intelligence Community, our impact on national security is undeniable. We are a diverse group of intellectually curious people, solving hard problems, and living by our core values while bonded by the shared vision to secure our nation - join us! 

The Opportunity:

The scope of this effort is to provide support to the Naval Higher Education Information Technology Consortium (NHEITC) Cybersecurity Operations Center (CSOC), located in Monterey, CA in the areas of Computer Network Defense, Incident Response, Management, Forensics, Vulnerability Analysis, Risk Management Training, Framework, Cybersecurity Incident Handling and Management, Zero Trust Architecture Defense, Security Engineering, Cyber Threat Intelligence Services, Continuity of Operations for CSOC Services, Academic Program Support, Research Program Support and Contractor Training Requirements. As the security Engineer Principal Subject Matter Expert (SME) you need to be well versed in the design, deployment, implementation, and maintenance of Zero Trust Architecture (ZTA) informing security events, assessments, and security design consultation, with a focus on Identity Access Management (IAM) in support of ZTA.

Key Responsibilities:

• Write in languages such as in Bash, PowerShell, or Python.
• Use automation-of-tasks & security-as-code principals.
• Proficiency in common industry security products such as next- generation Firewall, IDS/IPS, EDR, SOAR and SIEM.
• Develop, review, and implement SNORT, Yara, or MS Sentinel rulesets.
• Operate within Git framework.
• Support incident response activities as assigned.
• Implement Linux OS security-hardening.
• Implement Windows security-hardening.
• Knowledge or exposure to STIX / TAXII for threat feeds.
• Develop Splunk dashboards.
• Operate, deploy, and maintain Ansible, Docker, and other forms of automation and containerization.
• Support knowledge management in Splunk platforms.
• Proficient operation and development of Palo Alto XSOAR, NGFW, XDR or similar industry security product.
• Implement OSX security-hardening.
• Able to develop portable, reusable, and modular solutions within security-as-code.
• Able to operate common penetration testing tools within Kali Linux and Parrot OS.
• Use YAML, JSON, XML formats.
• Use SPL or KQL.
• Use Binary Logic development, Regular Expression development.
• Debug Bash, PowerShell, or Python.
• Support team members in vulnerability analysis (static code analysis, known vulnerability analysis) and support tracking cybersecurity implementation issues based on vulnerability analyses.
• Support the vulnerability management program.
• Conduct fuzzing activities within vulnerability management.
• Support penetration testing activities.
• Guide junior personnel through problematic projects ensuring robust technical response and implementation. If meaningful, determine root cause (including training or knowledge deficiencies) for ineffective action and remediate or direct change.
• Coordinate with IH-P for change requests requiring engineering support.
• Evaluate incident handler accesses for sufficiency to support full-spectrum defensive operations.
• Evaluate, recommend, and queue IHT1/IHT2 tool/software improvements requiring engineering support entered by the Incident Handler Principal
• Coordinate projects, define, and communicate milestones and contractor engineering level of effort to both the Project Manager (Government position) and the Lead Cyber Engineer / Architect (Government position).

Experience Required:

• Possess technical mastery over required Knowledge, Skills, and Abilities (KSA):
• Proficient working knowledge of OSI model, TCP/IP model, and Common Network Protocols.
• Proficient working knowledge of NIST or ITIL process management (Incident, Change, and Request Management).
• Proficient working knowledge of modern Identity Access Management (IAM), encryption, authentication, and authorization.
• Proficient working knowledge of basic cryptography and modern authentication.
• Proficient working knowledge of an incident response framework.
• Working knowledge of cloud platforms such as AWS, Azure, Google Cloud Platform.
• Working knowledge of MITRE and NIST.
• Working experience in systems engineering, or software engineering.
• Working experience developing technical processes, procedures, and guidelines.
• Working knowledge of deep learning and machine learning frameworks.
• Working knowledge of failure analysis techniques.
• Working knowledge of web-attacks such as Broken Access Control, Injection, Identification and Authentication failures, SQL injection, CSRF, XSS etc.
• Working knowledge of asset attack vectors.

Required Qualifications/Certifications:

• Education: Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or related field.
• Experience:
  • At least three (3) years of professional experience in incident detection and response, and/or at least three (3) years of experience in system administration, database administration, network engineering, software engineering, or software development Security Engineer Senior / Principal (SE-P).
  • 7+ years using NIST or ITIL process management (Incident, Change, and Request Management).
  • 7+ years integrating and using SIEM and SOAR technology.
• Clearance: Possess a current TS clearance with SCI eligibility.

A Place Where You Belong

At the heart of our organization lies a set of five core values that guide every facet of our work. "Mission First" epitomizes our unwavering commitment to our goals. "People Always" underscores the significance we place on our team's well-being and development. We continually strive to "Be Eminent" by consistently pushing the boundaries of excellence. "Embrace the Team" reflects our unwavering belief in the power of collaboration, recognizing that together, we attain greatness. With every action, we "Act with a Purpose," ensuring that our efforts contribute meaningfully to a larger mission. These values serve as the bedrock of our company culture, propelling us forward as a united and purpose-driven team.

Why Join Us

Join us not just to be a part of safeguarding our nation, but to be at the forefront of innovation, where your ideas and expertise play a pivotal role in shaping the future of cybersecurity and IT. Together, we're not just protecting systems; we're pioneering them. Come be a part of our team and redefine the possibilities in our industry!

EEO Commitment

This employer participates in E-Verify and will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status or on the basis of disability.

Equal Opportunity Employer/Veterans/Disabled