CyberSecurity Auditor - Virtualization with Security Clearance
Software Engineering Services is hiring for a fantastic role in Cyber Protection as an Infrastructure/Virtualization Assessor in San Antonio, TX.
Please review the qualifications and let us know if you're interested today! The candidate will be responsible for conducting vulnerability and compliance assessments on virtualized architectures to include, but not limited to reviewing network/system documentation to identify cybersecurity design flaws, scanning network(s to identify live hosts and ports, protocols and services, fingerprinting applications/operating systems, detect vulnerabilities, analyze results, verify findings manually, to eliminate false positives or negatives, capture artifacts such as screen captures, etc.
, to provide evidence and artifacts for each exploitable vulnerability, etc.
Candidate must also be able to adequately tell the story of how a vulnerability was exploited and what the overall impact would be to particular hosts or networks.
More specifically, the candidate will:
o Demonstrate extensive VMware Virtualization experience - design, implement, manage and secure a VMware environment, including data center cluster(s) managed by vCentero Perform analysis and evaluate virtualized environments to identify vulnerabilities, evaluate DoD/NIST compliance, determine applicability of industry best practices and recommend remediation actions to enhance its cyber security postureo Assess and leverage knowledge of industry best practices, benchmark data and published security standards to support implementation of virtual environments o Assess cybersecurity impacts for proposed changes and assess conformance and compliance with cybersecurity requirements for new release capabilitieso Perform security assessments of the systems in the fielded environments to assess the security posture of the systems and technical compliance with the requirements, to include validating security relevant configurations of the systemso Identify relevant virtualization-related threat information through research/analysis o Have strong UNIX/LINUX fundamentals along with familiarity of UNIX/LINUX/Windows Command Line Interface (CLI); strong skill set in PowerCLI, PowerShell and basho Provide primary technical, maintenance and cyber security support for UNIX/LINUX/ Windows, Virtualization Technologies, Intel hardware and softwareo Demonstrate superb organizational, interpersonal, written and verbal communication o Demonstrate an ability to successfully execute many complex tasks simultaneouslyo Demonstrate an ability to make accurate and independent decisions under pressureo Adequately explain, present, demonstrate when applicable and document the operational impact of a particular vulnerability or exploito Methodically analyze problems, troubleshoot servers and infrastructure equipment and identify potential solutionso Demonstrate understanding of common cyber threat terminology, methodologies, and possess basic understanding of cyber incident and response, and related current events o Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments o Demonstrate an ability work as a team member as well as independentlyo Travel up to 25% with trips encompassing 1-4 weeks in duration MINIMUM REQUIREMENTSo Must meet DoD 8570 IAT Level 3 requirements (CASP, CISSP+, CISA, etc.
) and have an active TS/SCI clearanceo Must possess a CSSP-Auditor (C EH, CySA, CISA, GSNA) certification within 6 months of hire o Must obtain a MCSA and UNIX/Linux certification within 6 months of hireo Must possess or be to obtain a VCP6 Data Center, Cloud or Network Virtualization certificate within 6 months upon arrival to the customer siteo Minimum Bachelor's degree and 2 years' experience, Associates degree with 4 years' experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science; experience with developing, implementing, integrating, maintaining and evaluating security engineering and security for IT enterprise architectures.
o Experience with Hyper-V, VirtualBox, vSphere, VMware virtual switching, vMotion, HA, vRA, vROPS and the vRealize Suite along with VMware NSX (5 years)o Database Administration Skills (MS SQL and Linux SQL preferred) (5 years)o Must complete customer pre-screen, skills assessment lab, pass customer training and certification program and remain mission ready qualified o Self-motivated with minimal supervision PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONEDo Analytical with the ability to understand and implement customer objectives o Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessments Recommended Skills Applied Science Assessments Auditing Bash (Scripting Language) Certified Information Security Manager Communication Estimated Salary: $20 to $28 per hour based on qualifications.
Please review the qualifications and let us know if you're interested today! The candidate will be responsible for conducting vulnerability and compliance assessments on virtualized architectures to include, but not limited to reviewing network/system documentation to identify cybersecurity design flaws, scanning network(s to identify live hosts and ports, protocols and services, fingerprinting applications/operating systems, detect vulnerabilities, analyze results, verify findings manually, to eliminate false positives or negatives, capture artifacts such as screen captures, etc.
, to provide evidence and artifacts for each exploitable vulnerability, etc.
Candidate must also be able to adequately tell the story of how a vulnerability was exploited and what the overall impact would be to particular hosts or networks.
More specifically, the candidate will:
o Demonstrate extensive VMware Virtualization experience - design, implement, manage and secure a VMware environment, including data center cluster(s) managed by vCentero Perform analysis and evaluate virtualized environments to identify vulnerabilities, evaluate DoD/NIST compliance, determine applicability of industry best practices and recommend remediation actions to enhance its cyber security postureo Assess and leverage knowledge of industry best practices, benchmark data and published security standards to support implementation of virtual environments o Assess cybersecurity impacts for proposed changes and assess conformance and compliance with cybersecurity requirements for new release capabilitieso Perform security assessments of the systems in the fielded environments to assess the security posture of the systems and technical compliance with the requirements, to include validating security relevant configurations of the systemso Identify relevant virtualization-related threat information through research/analysis o Have strong UNIX/LINUX fundamentals along with familiarity of UNIX/LINUX/Windows Command Line Interface (CLI); strong skill set in PowerCLI, PowerShell and basho Provide primary technical, maintenance and cyber security support for UNIX/LINUX/ Windows, Virtualization Technologies, Intel hardware and softwareo Demonstrate superb organizational, interpersonal, written and verbal communication o Demonstrate an ability to successfully execute many complex tasks simultaneouslyo Demonstrate an ability to make accurate and independent decisions under pressureo Adequately explain, present, demonstrate when applicable and document the operational impact of a particular vulnerability or exploito Methodically analyze problems, troubleshoot servers and infrastructure equipment and identify potential solutionso Demonstrate understanding of common cyber threat terminology, methodologies, and possess basic understanding of cyber incident and response, and related current events o Assist customer with implementing policies and tactics, techniques and procedures for conducting assessments o Demonstrate an ability work as a team member as well as independentlyo Travel up to 25% with trips encompassing 1-4 weeks in duration MINIMUM REQUIREMENTSo Must meet DoD 8570 IAT Level 3 requirements (CASP, CISSP+, CISA, etc.
) and have an active TS/SCI clearanceo Must possess a CSSP-Auditor (C EH, CySA, CISA, GSNA) certification within 6 months of hire o Must obtain a MCSA and UNIX/Linux certification within 6 months of hireo Must possess or be to obtain a VCP6 Data Center, Cloud or Network Virtualization certificate within 6 months upon arrival to the customer siteo Minimum Bachelor's degree and 2 years' experience, Associates degree with 4 years' experience or 6 years equivalent experience without a degree; degrees focused on engineering or applied science; experience with developing, implementing, integrating, maintaining and evaluating security engineering and security for IT enterprise architectures.
o Experience with Hyper-V, VirtualBox, vSphere, VMware virtual switching, vMotion, HA, vRA, vROPS and the vRealize Suite along with VMware NSX (5 years)o Database Administration Skills (MS SQL and Linux SQL preferred) (5 years)o Must complete customer pre-screen, skills assessment lab, pass customer training and certification program and remain mission ready qualified o Self-motivated with minimal supervision PREFERRED REQUIREMENTS IN ADDITION TO THE AFOREMENTIONEDo Analytical with the ability to understand and implement customer objectives o Familiarity with NIST, RMF, DISA STIGs and experience in conducting DoD vulnerability and compliance assessments Recommended Skills Applied Science Assessments Auditing Bash (Scripting Language) Certified Information Security Manager Communication Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
