Candidate must be a United States citizen with an active DoD Top Secret or DOE Q security clearance Global Engineering and Technology (GET) is seeking qualified applicants for multiple positions as Senior Cyber Security Engineer in support of the United States Department of Energy’s cybersecurity program. This is a highly compensated, high-responsibility cyber operations position that is central to our mission’s success. In its majority, work will be performed remotely, from the employee’s place of residence. Pre-planned travel to Oak Ridge, Tennessee, for on-site interaction, support, and inspections will be required as needed. Duties: Selection, deployment, and configuration of cybersecurity software Designing, implementing, maintaining, overseeing, and upgrading all security measures that are needed for protecting an organization’s systems, networks, and data, including cloud security models that address identity, network, and encryption Conducting penetration tests to identify potential vulnerabilities Monitoring networks for security breaches Reporting the incidence, nature, and extent of security breaches Developing and implementing a plan of action for responding to such breaches Developing security standards and best practices to be followed on an organizational level Keeping up to date on the latest security threats and tools Assisting in security breach investigations Security Clearance: This position requires a current DOE Q or DoD Top Secret security clearance. Must-Have Qualifications 5+ years of cybersecurity work experience performing the duties outlined above Strong understanding of security best practices and security frameworks like NIST 800-53 Expert understanding of in-depth security defense and risk-based methods to security Expert knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption) Expert knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth) Expert knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions Experience implementing cloud security models that include identity, network and encryption Background in privileged access management technologies Knowledgeable of Identity and Access Management principles, design and implementation Knowledge of computer networking concepts and protocols, and network security methodologies Knowledge of authentication, authorization, and access control methods Knowledge of cybersecurity and privacy principles Knowledge of cyber threats and vulnerabilities Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists) Knowledge of network services and protocols interactions that provide network communications Knowledge of network traffic analysis methods Knowledge of packet-level analysis Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities Knowledge of cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks) Knowledge of cloud service models and how those models can limit incident response Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications Knowledge of application security risks Knowledge of network tools (e.g., ping, traceroute, nslookup) Knowledge of the common attack vectors on the network layer Knowledge of Windows/Unix ports and services Knowledge of the use of sub-netting tools Knowledge of operating system command-line tools Knowledge of Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) tools and applications Ability to secure network and enterprise cloud applications Skill in automation, such as PowerShell, Python and Java Skill with Microsoft security technologies and strategies Skill in securing network communications Skill in recognizing and categorizing types of vulnerabilities and associated attacks Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters). Skill in performing damage assessments. Skill in using security event correlation tools. Skill to design incident response for cloud service models. Ability to design incident response for cloud service models. Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies. Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies Ability to interpret the information collected by network tools (e.g. Nslookup, Ping, and Traceroute) Desired Qualifications Degree in IT, systems engineering, computer science, or similar field OR relevant certifications and experience Experience with the operation, maintenance, and functionality of firewalls and other forms of endpoint security Proficiency in languages or tools such as Java, C++, Node, Ruby, Python, Go, or PowerShell Excellent report writing and presentation skills with the ability to explain technical details in a concise, understandable manner. Benefits We provide exceptional benefits to our full-time employees (spouse/family coverage option available at a company-subsidized rate). Benefits include: Medical plan options with United Health Care Dental Insurance AD&D Insurance Life Insurance Long-/Short term Disability Insurance with MetLife Generous 401(k) match with Principal Financial All benefits are effective on day one of employment. Global Engineering & Technology, Inc. (GET) is an Equal Opportunity Employer and does not discriminate on the basis of race, sex, color, religion, age, national origin, marital status, disability, veteran status, genetic information, sexual orientation, gender identity or any other reason prohibited by law in provision of employment opportunities and benefits.