Evurge Solutions is seeking is a Cybersecurity Engineer with experience securing enterprise IT systems for a Federal government agency. This role is responsible for identifying and assessing information technology and information security risks within a broader enterprise risk management program.
The ideal candidate has a proven history as a security engineer. Candidate must have the ability to efficiently execute tactically in the client environment while guiding strategic planning and governance. Candidate must be able to communicate effectively and proficiently articulate complex concepts to both technical contributors and executive management. This requires a mix of both in-depth technical skills and soft skills, with leadership skills.
Assist with the design, development, implementation, and maintenance of security tools, dashboards, cybersecurity, and risk management.
Monitor, troubleshoot, and manage networking and systems protection strategies. Monitor application and network vulnerabilities for potential security concerns; develop mitigation strategies; and execute mitigation tactics.
Serve as a central point of contact for coordinated response to security incidents.
Penetration testing and vulnerability assessments
Experience working with Vulnerability Scanning tools
Vulnerability analysis or reverse engineering
Experience with providing guidance for IEEE 802.1 standards
Analyze and interpret vulnerability scan data on a regularly basis
Secure enterprise information by determining security requirements, evaluating business needs, and adhering to Federal and industry security standards
Develop, review and analyze audit reports from systems hosting sensitive data (i.e. personally-identifiable information). Assist with annual comprehensive risk assessment to ensure compliance.
Research and respond to crisis or urgent situations as part of the organization’s incident response team. The Cybersecurity Administrator must be able to analyze and determine the root cause and impact of vulnerabilities and threats, apply defensive action to protect and defend organization systems, and communicate with stakeholders and third parties to coordinate the organization’s response.
BA or BS degree in CS, Engineering, Information Systems, or a related technical field preferred; MA or MS degree in CS, Information Systems, or a related technical field a plus
Knowledge of common cyber security vulnerabilities and experience guiding project teams throughout the remediation effort for discovered vulnerabilities
Knowledge of and experience with state data breach laws and cybersecurity frameworks
Knowledge of government compliance standards (NIST, DISA STIG, USGCB, CIS Benchmark)
Basic programming skills to develop XML or SQL-based queries to generate audit trail
Knowledge of Vulnerability Management / Remediation strategies (preferred)
Ability to think strategically and act tactically
5+ years of experience in an information security, IT/cyber engineering, or risk management role supporting security programs, security architecture, or software and system development projects in complex enterprise environmentsAn advanced degree in computer science, or a related field
Data Security Certification(s) (CISSP, CITM, HCISSP, CCFP, CISM, CISA, GIAC, or similar)
Familiarity with NIST guidance on security risk management, including the Cybersecurity Framework
Familiarity with HITRUST Common Security Framework