Be Challenged and Make a Difference
In a world of technology, people make the difference. We believe if we invest in great people, then great things will happen. At AnaVation, we provide unmatched value to our customers and employees through innovative solutions and an engaging culture.
Description of Task to be Performed:
AnaVation is looking for a Security Engineer to assist the client leadership with system security engineering and administration. The ideal candidate will be comfortable engaging with client leadership on a regular basis and interacting with senior level team members.
Responsibilities include, but not limited to:
- Perform system and security administration for security tools such as vulnerability scanning tools (e.g., Tenable SC/IO, Qualys, Burpsuite), EDR tools (e.g., Crowdstrike), SIEM tools (e.g., Splunk) and other security tools (e.g., McAfee (NSM), GRC tool (CSAM)).
- Perform system administration tasks to include audit and log management, availability monitoring and remediation, account management and access reviews, and configuration update scheduling and performance.
- Perform application updates and patches to security tools.
- Configuring, managing, and scheduling vulnerability scans.
- Understanding and advising the client regarding critical application data and vulnerability points, coordinating with industry partners to advise the government regarding those security vulnerabilities, and providing recommendations and advice on incident response and recovery plans.
- Providing Incident Response (IR) activities to includes triage, investigating, interviewing, resolving, and reporting on events. Creating, updating, and/or revising the IR Playbook and IR Plan.
- Promoting information security awareness across the program, ensuring security controls and processes are implemented, and developing appropriate security-related documentation.
- Presenting vulnerability analysis to system admins, system owners, and leadership.
- Being the POC during security audits that pertain to vulnerability scanning and analysis.
This position is hybrid, with the potential for periodic onsite attendance at our customer location in Alexandria, VA. Applicants who do not currently reside within commuting distance should describe how they would satisfy this requirement. Remote status is subject to change at the customer’s direction.
This position requires a Public Trust.
Required Qualifications:
Education: Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
Experience: 6 years
Minimum Qualifications (Education/Certificates, Experience, Physical, etc.):
6 years of experience in information system engineering and configuration management.
6 years of experience in system security analysis and implementation and secure system engineering or design.
Excellent communication skills.
Hands on experience with:
Security monitoring and evaluation, including audits, assessment, and risk management
Splunk
Crowdstrike
Tenable/Nessus
Qualys
Web App Scanning tools (e.g., Burpsuite)
Microsoft Excel and other MS Office Products
Able to deliver and present vulnerability analysis to a wide range of audience (i.e., system admins, system owners, leadership).
Familiarity with:
Linux (RHEL 7/8), Windows Operating Systems, and Oracle/SQL Databases
Agile Methodologies
GRC Tools (e.g., CSAM)
Certifications: Security +
Strong desire to learn, grow and is highly motivated.
Preferred Qualifications:
Knowledgeable on different cloud providers: AWS, Azure, Oracle, GCP,
Understanding of cloud systems and security tools
Certifications: CISSP