Job ID;                  IIS114596HJO
Company Name;     Raytheon
Job Category;            Law Enforcement/Security
Location;                Reston, VA
Position Type;              Full-Time, Employee
Experience;                1-2 Years Experience
Desired Education Level;    Bachelor of Science

Vulnerability Assessment Engineers

Raytheon, Information Security Solutions, is a leading provider of Information Security Engineering to the U.S. Government. Come join our team of world-class security professionals in solving the most challenging problems facing our country’s information infrastructure.

Job Description: Risk Assessment team is to assess risk to computer systems and networks. The team accomplishes this mission by managing the DCID 6/3 Security Certification and Accreditation Program (C&A) and performing system and network security vulnerability assessments (white hat hacking). The team is also responsible for engaging Information Technology (IT) system developers at the earliest stage of the project lifecycle and working with them throughout the development process to ensure that INFOSEC standards are enforced and security is integrated into the design of their systems. The Vulnerability Assessment Engineers will examine information systems to determine if vulnerabilities exist and, what mitigating strategies can be applied. The end goal is to ensure the integrity of Sponsor systems by identifying and mitigating potential avenues of exploitation, including system level attacks and user level attacks. The Vulnerability Assessment Engineers coordinate planning, scheduling, and testing of projects in the C&A process.

Typical assigned duties will include:

Review and make recommendations on program-level documentation (e.g., requirements specification, system architecture, design documents, test plans, security plans, etc.).

Develop and document security evaluation test plan and procedures.

Assist in researching, evaluating, and developing relevant Information Security policies and guidance.

Conduct hands-on security testing, analyze test results, document risk, and recommend countermeasures.

Coordinate with other program elements conducting security testing.

Assess/calculate risk based on threats, vulnerabilities, and shortfalls uncovered in testing.

Identify mitigating countermeasures to identified threats, vulnerabilities, and shortfalls.

Identify needs for testing equipment and gaps in testing capabilities; conduct research on and evaluation of automated testing tools and provide summaries and reports to sponsor on the tool capabilities, in support of potential procurement by sponsor.

Perform network security analysis and risk management for designated corporate networks.

Develop, assemble, and submit C&A testing results reports that document testing activity and results to support the creation of C&A risk assessments and C&A approval packages.

Candidates should be highly motivated and able to work in a fast-paced and challenging environment that rewards technical excellence.

Required Skills :

Minimum 2 years experience in conducting vulnerability assessments.

Strong technical skills and analytic abilities, as well as, experience performing network security analysis and risk management.

Broad knowledge of Information Security policies and guidance, as well as the ability to assist in researching, evaluating, and developing relevant security policies and guidance.

Broad knowledge of network architectures and network management tools.

Ability to translate an understanding of systems and applications into security test plans and perform hands on security testing.

Experience in using Information Assurance test and risk assessment tools.

Demonstrated ability to analyze test results and suggest mitigations for security problems.

Knowledge of Intelligence Community Information Assurance policies and regulations and how the certification and accreditation (C&A) process relates to it.

Effective written communication skills are crucial for preparing engineering documents.

Knowledge of the Microsoft Office Suite of products (i.e., Word, Excel, and PowerPoint), MS Project, and Lotus Notes applications.

Existing TS/SCI Security Clearance Required

Desired Skills :

Technical experience with web security architectures and web technologies such as Java, JavaScript, and HTML.

Technical experience with Windows NT, Windows XP Pro, Windows 2000 server, Solaris, and/or Linux.

Understanding of UNIX kernel security internals.

Understanding of certificate-based identification and authentication.

Ability in performing technical surveys to detect wireless activity and locate wireless devices.

Experience using and customizing software tools that store and parse the data collected, for analysis and reports.

Ability to analyze technical specifications of hardware and capabilities and features of GOTS and COTS software to advise sponsor on potential acquisitions.

Desired Certification(s) :

Possession of either a ISC2 CISSP certification or SANS GSEC certification is required.

Required Education (including Major): Bachelor of Science in Computer Engineering, Software Engineering, Systems Engineering, Information Systems, Physics, Mathematics or related field and/or equivalent experience.

Raytheon is an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status, or any other protected factor.

APPLY HERE

If you have not subscribed to Confabee Career & Jobs, please do now...here... RSS feed... click me. Thanks so much!

Tags: Assurance, communication, Engineers, information security solutions, Infrastructure, level documentation, Management, PROFESSIONALS, project lifecycle, Reston, risk assessment team, software engineer, Support, system developers, VA, Wireless