21 Apr
Systems Engineer-Mid
District of Columbia, Washington, 20001 Washington USA

Vacancy expired!

Job Description

This position is contingent upon award. Support MPG as a Systems Engineer where you will support the cybersecurity program through monitoring, analysis, and resolution of various continuous monitoring capabilities, including but not limited to Vulnerability Management, an Endpoint Detection and Response (EDR) tool, Security Information Event Management (SIEM), and additional threat monitoring agents. The analyst will support an enterprise program engaging with stakeholders to drive the security program for an exciting mission.

Responsibilities include:

  • Cybersecurity work related to operating systems, applications, logging and monitoring, NIST/FISMA compliance, remediation, and patch management
  • Monitor system configuration to ensure that the systems are operating effectively. Resolve any issues and problems, following documented procedures and playbooks
  • Fully understand and be responsible for the implementation of security policies, controls, and the technologies that support the enterprise (e.g. malware, anti-virus, remote access)
  • Investigate potential anomalous behavior and intrusion attempts
  • Leverage aggregated cyber logs, network flow, and anomaly data for analysis, research and the identification of potential compromise within infrastructure or applications
  • Perform root cause analysis to identify gaps and provide technical and procedural recommendations that will reduce the exposure to cyber risks
  • Support the development and maintenance of documented playbook procedures
  • Perform application updates and patches to the scoped components for the tools (e.g. the application layer components)
  • Properly track and account for configuration items identified in accordance with the Configuration Management Plan, including both standard and enterprise-wide change management procedures
  • Perform and distribute Vulnerability Scans to appropriate Information System personnel assigned the role of application, infrastructure or database administrator. This includes application, code or operating system scans
  • Track and resolve findings at the assigned level of criticality in accordance with requirements set in the Vulnerability Management Plan and NIST guidance on minimum security controls

Qualifications

  • Active Secret Clearance required
  • Bachelor’s Degree
  • 4 years' experience as a Security/Network Administrator or equivalent knowledge
  • Understanding and experience with CSAM
  • Experience with security tools such as vulnerability management tools (Nessus, Retina), configuration management (Bigfix, SCCM, EPO), endpoint detection (antivirus, ATP), data loss prevention, and intrusion detection software and hardware
  • Familiar with the use of data analysis tools (Excel or PowerBI).
  • Familiar with multi-tiered network applications, common ports and protocols used in those communications, the Common Vulnerability System (CVS) and the exploitation mechanisms of common vulnerability types (e.g. buffer overflows, cross-site-scripting, SQL injection).
  • Ability to perform online research and comprehend attack signatures while comparing them to network traffic to perform proper analysis of detections.
  • Ability to use common tools such as Wireshark to examine network traffic.
  • Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Procedure Calls (RPC), Hypertext Transfer Protocol (HTTP) and Structured Query Language (SQL).
  • Ability to perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system.

Additional Information

  • All your information will be kept confidential according to EEO guidelines
  • Equal Opportunity Employer Veterans/Disabled
