Information Assurance Engineer

Job Title

Information Assurance Engineer

Job Description

The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security.

Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment!

This position will be 80% remote with 8 weeks of possible travel per year. Must live in or within 50 miles of Huntsville Alabama

Responsibilities:

• Performing technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications)
• Conducting and/or supporting authorized penetration testing on enterprise network assets
• Making recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes)
• Preparing assessment reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions
• Maintaining deployable cyber defense assessment toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense assessment missions
• Formal written and verbal communication with customer leadership and technical staff regarding assessment findings and reports
• Virtual team communication via multiple collaboration tools with team members and leadership

Skill in:

• Conducting vulnerability scans and recognizing vulnerabilities in security systems
• Cloud Technologies suchas AWS, Microsoft Azure, etc.
• Conducting application vulnerability assessments
• The use of penetration testing tools and techniques
• Using network analysis tools to identify vulnerabilities
• Assessing compliance with standard configuration baselines (DISA STIG/SRC, CIS Benchmark)
• Assessing the application of cryptography
• Assessing the robustness of security systems and designs
• Mimicking threat behaviors
• The use of social engineering techniques
• Performing impact/risk assessments
• Identifying systemic security issues based on the analysis of vulnerability and configuration data
• Conducting security assessment interviews
• Assessing security controls against recognized compliance frameworks (e.g., NIST 800-53)

Knowledge of:

• Application vulnerabilities
• Computer networking concepts and protocols, and network security methodologies
• Network traffic standards and technology (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], etc.)
• Penetration testing principles, tools, and techniques
• System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
• Risk management processes (e.g., methods for assessing and mitigating risk)
• Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
• National and international laws, regulations, policies, and ethics as they relate to cybersecurity
• Cybersecurity principles
• Cyber threats and vulnerabilities
• Specific operational impacts of cybersecurity lapses
• Cryptography and cryptographic key management concepts
• Host/network access control mechanisms (e.g., access control list)
• Network access, identity, and access management (e.g., public key infrastructure [PKI])
• Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services
• Basic system administration, network, and operating system hardening techniques
• General attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation or privileges, maintaining access, network exploitation, covering tracks)
• System administration concepts for Unix/Linux and/or Windows operating systems
• Understanding of common Risk Management Frameworks (RMF) and cybersecurity and compliance frameworks such as NIST 800-53, NIST 800-171, CMMC, GDPR, HIPAA, GDPR, etc.

Job Requirements

Qualifications:

• Bachelor's Degree in Cybersecurity, Computer Science, Mathematics, Information Technology, or 6 years equivalent combination of education, professional training or work experience.
• 8 years of experience in cybersecurity and compliance
• Secret Clearance required
• The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship.

Must possess one of the following certifications:

• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• Systems Security Certified Practitioner (SSCP)
• Offensive Security Certified Professional (OSCP)
• Certified Information Security Auditor (CISA)
• Certified Authorization Professional (CAP)
• Security

Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment.

Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States.

Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos Corporation will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities unless the accommodation would impose an undue hardship on the operation of our business. If you are interested in applying for an employment opportunity and feel you need a reasonable accommodation pursuant to the ADA, please contact us at 1-800-283-1911. If you require relay service assistance, please click on the following link to review information on your state's relayservice:

Telos Corporation is an EEO/AA employer.

Job Type

Full-Time

Location

Huntsville, AL 35802 US (Primary)

Telos offers an excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future. Telos and its subsidiaries are an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.