- Washington, DC, USA
- Clearance Level: Secret
MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are the trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. We design and implement innovative security solutions to identify and defend against today’s risks and tomorrow’s attacks.
We believe that helping organizations operate from the best security posture possible requires automation. Empowering our employees to excel and providing them with the means to do so enables us to consistently exceed our clients’ expectations.
Unlike many IT consultancies, we’re not a body shop. Our client engagements are challenging and growth-oriented. Our relationship with you is for the long run because, in this business, your success is our success. That’s why we treat investments in employees as investments in the company itself, which is why we offer fantastic benefits (healthcare, generous PTO, paid maternity and paternity leave, and tuition reimbursement, to name a few).
But you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you.
We are an established, profitable, and growing company that promises you the following:
- A diverse organization.
- A safe workplace with zero tolerance for discrimination and harassment of any kind.
- A balanced work life. Seriously.
- Potential of a flexible schedule, depending on the specific customer.
- A leadership team focused on your professional growth and development.
This position is contingent upon award. As a Systems Engineer supporting MPG, you will support the cybersecurity program through monitoring, analysis, and resolution of issues across a range of continuous monitoring capabilities, including but not limited to Vulnerability Management, an Endpoint Detection and Response (EDR) tool, Security Information and Event Management (SIEM), and additional threat monitoring agents. The engineer will support an enterprise program, engaging with stakeholders to drive the security program for an exciting mission.
- Cybersecurity work related to operating systems, applications, logging and monitoring, NIST/FISMA compliance, remediation, and patch management
- Monitor system configuration to ensure that the systems are operating effectively. Resolve any issues and problems, following documented procedures and playbooks
- Fully understand and be responsible for the implementation of security policies, controls, and the technologies that support the enterprise (e.g. anti-malware, anti-virus, remote access)
- Investigate potential anomalous behavior and intrusion attempts
- Leverage aggregated cyber logs, network flow, and anomaly data for analysis, research and the identification of potential compromise within infrastructure or applications
- Perform root cause analysis to identify gaps and provide technical and procedural recommendations that will reduce the exposure to cyber risks
- Support the development and maintenance of documented playbook procedures
- Perform application updates and apply patches to the in-scope components of the tools (e.g. the application-layer components)
- Properly track and account for configuration items identified in accordance with the Configuration Management Plan, including both standard and enterprise-wide change management procedures
- Perform vulnerability scans (application, code, and operating system scans) and distribute the results to the appropriate Information System personnel assigned the role of application, infrastructure, or database administrator
- Track and resolve findings at the assigned level of criticality in accordance with requirements set in the Vulnerability Management Plan and NIST guidance on minimum security controls
- Active Secret Clearance required
- Bachelor’s Degree
- 4 years' experience as a Security/Network Administrator or equivalent knowledge
- Understanding and experience with CSAM
- Experience with security tools such as vulnerability management tools (Nessus, Retina), configuration management (BigFix, SCCM, ePO), endpoint detection (antivirus, ATP), data loss prevention, and intrusion detection software and hardware
- Familiarity with data analysis tools (Excel or Power BI).
- Familiarity with multi-tiered network applications, the common ports and protocols used in their communications, the Common Vulnerability Scoring System (CVSS), and the exploitation mechanisms of common vulnerability types (e.g. buffer overflows, cross-site scripting, SQL injection).
- Ability to perform online research and comprehend attack signatures, comparing them against observed network traffic to properly analyze detections.
- Ability to use common tools such as Wireshark to examine network traffic.
- Familiarity with protocols commonly used in commercial networks, such as Server Message Block (SMB), Remote Procedure Calls (RPC), Hypertext Transfer Protocol (HTTP) and Structured Query Language (SQL).
- Ability to perform Splunk queries to examine and query log data from the Enterprise Logging as a Service system.
- All your information will be kept confidential according to EEO guidelines
- Equal Opportunity Employer Veterans/Disabled