NorthHill Technology Resources has a need for a Systems Security Engineer to support a Federal Program in Washington, DC. This is a direct-hire role with our client, a fast-growing Federal Cybersecurity Integrator. A TS/SCI and Yankee White Clearance is required.
Overview
The Security Systems Engineer will be responsible for the technical management of security infrastructure supporting both Windows and Linux-based network platforms. The role involves overseeing security system maintenance, upgrades, and expansion, ensuring all systems comply with Department of Defense (DoD) and DISA (Defense Information Systems Agency) policies. This position is located at the Naval Station Anacostia Annex in Washington, DC.
Key Responsibilities
- Security Infrastructure Management: Oversee and manage security infrastructure on Windows and Linux-based networks. Ensure compliance with DoD policies and DISA guidelines for system and security updates, patches, and configurations.
- System Maintenance: Conduct security system maintenance, upgrades, and troubleshooting in line with DISA requirements, ensuring system performance, security, and availability.
- Network Operations: Maintain and monitor security systems, including IDS, HBSS, and related tools, to ensure the health of applications and systems.
- Security Policy Development: Create and update security policies, procedures, and configurations in accordance with DISA standards to protect critical network infrastructure.
- Incident Response: Work with first responders and analysts to detect and address security anomalies and events through system monitoring, HBSS reports, and incident tracking.
- Reporting & Analysis: Develop and generate SQL-based reports, run queries, and analyze system logs and HBSS data to identify and resolve potential security threats.
- Collaboration: Collaborate with various divisions and departments to resolve security issues, ensure system upgrades, and meet operational objectives.
- Training & Documentation: Develop training materials and provide on-site training regarding system configurations, security tools, and policies. Maintain detailed documentation for system configurations and procedures.
- Security Detection & Prevention: Implement and tune security software to detect and prevent malicious activity, including deploying, configuring, and testing new agents.
Desired Skills
- Technical Communication: Strong oral and written communication skills, with the ability to produce clear technical documentation and effectively interact with various teams.
- System Administration: Hands-on experience managing multi-site network environments (Windows/Linux), including experience with McAfee’s ePO, Rogue Sensor Detection, HIPS, Policy Auditor (PA), Data Loss Prevention (DLP), etc.
- Intrusion Detection & Prevention: Deep understanding of intrusion detection techniques, with hands-on experience in protecting DoD computer networks and systems.
- Cloud Security: Experience with cloud-related security principles, including design, engineering, and maintenance.
- System Performance & Availability: Expertise in configuring and maintaining servers, backups, and monitoring tools to ensure the high availability and security of business applications.
Core Responsibilities
- Security Infrastructure Operation & Maintenance: Operate and maintain IDS systems, HBSS, and other security tools to ensure system performance and availability.
- Security System Upgrades: Oversee system upgrades and ensure security components, including firewalls, HIPS, and antivirus solutions, are consistently updated.
- Incident Management: Analyze security events and system anomalies; collaborate with incident response teams to mitigate and resolve threats.
- Data Monitoring: Develop, maintain, and analyze dashboards, rules, and filters within HBSS to ensure effective detection and reporting of security events.
- Security Documentation: Maintain detailed records of all HBSS system configurations, exceptions, firewall rules, and security incidents.
- Monthly Status Report: Provide a comprehensive monthly status report on security infrastructure, maintenance, and upgrades.
- Documentation: Create and maintain documentation of security systems, policies, procedures, and configurations, ensuring compliance with DISA standards.
- Incident Reports: Document investigation progress and outcomes in Incident Response Tracker.
- Training Materials: Develop written procedures and conduct on-site training for security tools and systems.
Qualifications
- Experience: Minimum 3-7 years in security systems engineering or a related field, with specific expertise in both Windows and Linux environments.
- Security Clearance: Must hold TS/SCI clearance and PSD/Yankee White.
Certifications:
- CEH, SSCP, RHCSA, MCITP (desired)
- HBSS 201 Basic & 301 Advanced training preferred.
Physical Demands & Work Environment
- Work Location: Naval Station Anacostia Annex, Washington, DC.
- Work Hours: Standard full-time hours with potential for on-call duties during emergencies or critical incidents.