Sr Security Engineer, Offensive in Herndon, VA at Constellis

Date Posted: 1/9/2021

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Herndon, VA
  • Job Type:
  • Experience:
    Not Specified

Job Description


WHY CONSTELLIS?


Are you ready for your next adventure? From down range to corporate positions around the world, we provide you with opportunities to grow your career while helping to make the world more secure.



Constellis provides opportunities across every major continent for individuals who want to build successful careers in a fast-paced, growing industry. Legal, moral and ethical business practices remain the cornerstone of our culture, and Constellis continues to be recognized for our emphasis on quality and compliance. This strong track record of performance is supported by our deep relationships with our government and commercial customers. Our employees worldwide, the majority of whom are military or law enforcement veterans, have ambition and passion for creating a safer world. Join us to Secure Success!



RESPONSIBILITIES


The Sr. Security Engineer is responsible for testing the physical, logical, and electronic protection of data, including cloud, corporate, web application, access control, intrusion detection/prevention, virus protection, and more. The role also covers Digital Forensics, Software Development, Vulnerability Research, Reverse Engineering, Software/Hardware Engineering, and Operational Consultancy (e.g., Red Teaming/Hunt, Mission Evaluation), as well as performing incident response and working in the global security operations center. The Sr. Security Engineer will also assist with identifying current and emerging cyber events and with developing countermeasures from known and/or discovered indicators.



  • Resolve incidents and problem tickets issued against supported devices within published SLAs.

  • Prioritize competing support requests/incidents across multiple supported applications and maintain focus on solving the highest priority and highest business impact issues first.

  • Maintain awareness of planned and unplanned system-wide changes and application deployments that might impact application availability for users. Take the necessary steps to prepare for and prevent application outages due to these changes.

  • Devise and implement approaches to monitor applications and data flows via effective information dashboards for operational metrics, end-to-end system data processing, incident management, change control, and compliance.

  • Use monitoring data in combination with other sources to analyze the risk of a successful attack.

  • Proactively recommend new tools, techniques, and procedures to enhance SOC performance and quickly learn new tools as they are introduced.

  • Perform network packet capture and log artifact analysis of suspected computer intrusions

  • Actively search all areas of the internal network for hidden threats and vulnerabilities.

  • Perform legal holds with specific structured and unstructured sources.

  • Assist in the development and documentation of digital forensic policies and processes

  • Identify opportunities for process improvement and automation of repetitive tasks.

  • Participate in red/blue/purple team exercises as needed to analyze threat scenarios and assess internal defenses. Document results.

  • Engage positively across multiple teams to establish clarity, vision, and mutual trust in order to achieve business goals.

  • Operate security operations technology and provide ongoing system support and advice to other users of this technology.

  • Adhere to industry-specific local, state, and federal regulations, as applicable.

  • Other duties as assigned



QUALIFICATIONS



  • Bachelor's degree required. Three additional years of related experience beyond the minimum required may be substituted in lieu of a degree.

  • 3-5 years of digital forensics experience

  • 7-10 years of cyber security incident response experience

  • 5-7 years of Pen Testing experience

  • 1-2 years of experience performing forensic acquisition and examination of Windows, Unix/Linux, Macintosh-based computers and servers in a corporate enterprise environment

  • Experience performing acquisition and examination of Android and iOS-based mobile devices

  • Broad understanding of multiple forensic platforms and tools - EnCase, Access Data FTK, The Sleuth Kit (TSK), and eDiscovery Tools

  • Knowledge of operating systems internals and endpoint security experience (Windows)

  • General knowledge of APT campaigns, Tools, Techniques, & Procedures (TTP), malware attack vectors, memory injection techniques and malware persistence mechanisms

  • Certified Information Systems Security Professional (CISSP)



PREFERRED



  • Security+

  • Certified Ethical Hacker (CEH)

  • GIAC Certified Incident Handler (GCIH)

  • GIAC Certified Forensic Examiner (GCFE)

  • GIAC Certified Forensic Analyst (GCFA) Certification

  • Offensive Security Certified Professional or equivalent security certification




ABOUT CONSTELLIS


Constellis protects critical priorities safely and efficiently around the world. Operating in 40 countries and based in the Washington D.C. area, our 22,000 Constellis employees bring unparalleled dedication and passion for creating a safer world and upholding the highest standards of compliance, quality and integrity. As a leading global provider of risk management, security, humanitarian, training and operational support services to government and commercial customers worldwide, Constellis' forward-thinking solutions include a range of synergistic services, including background investigations, social intelligence tools, advanced training, logistics and life support, UAV and K9 services, and crisis response mitigation. At Constellis, our number one priority is to secure success for our customers. For more information, visit www.constellis.com.



BENEFITS


Constellis offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflect its commitment to creating a diverse and supportive workplace.



  • Medical, Vision & Dental Insurance

  • Paid Time-Off Program & Company Paid Holidays

  • 401(k) Retirement Plan

  • Insurance: Basic Life & Supplemental Life

  • Health & Dependent Care Flexible Spending Accounts

  • Short-Term & Long-Term Disability

  • Personal Development & Learning Opportunities

  • On-the-job Training, Skills Development & Certifications

  • Employee Referral Program

  • Corporate Sponsored Events & Community Outreach



WORKING CONDITIONS


Work is typically based in a busy office environment and subject to frequent interruptions. Business work hours are Monday-Friday from 8:00 am to 5:00 pm; however, some extended or weekend hours may be required.



PHYSICAL REQUIREMENTS


May be required to lift and carry awkward items weighing up to 25 lbs. Requires intermittent standing, walking, sitting, squatting, stretching and bending throughout the workday.