Blue Team Operator
ECS Corporate Services

ECS is seeking a Blue Team Operator to work in our Washington, D.C. office.

Job Description:

Support of a premier Law Enforcement agency, we are looking to expand our industry-leading, high-impact, Blue Team. The Blue Team consists of specialized cybersecurity professionals that perform intelligence/ threat-based security assessments on critical systems, major applications, and networks to identify security risks to brief systems owners of the potential impacts of those risks to their mission. The Blue Team performs unbiased comprehensive assessments that produces actionable security recommendations that are tailored to the assessed environment.

The following services are provided by the Blue Team: Identification and Validation of Security Flaws, Network Mapping / Network Analysis, Vulnerability Analysis, Pen-testing network filters and security countermeasures, Threat Hunting, Incident Response, and Forensic Analysis.

• Proven experience in penetration testing.
• Experience conducting Vulnerability Assessments using industry tools - NESSUS, Tenable, Kali, Burp Metasploit Core Impact, etc.
• Understanding of cloud security controls (e.g Azure, O365, AWS).
• Provide Incident Response capabilities.
• Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.
• Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53.
• Compiles and maintains internal standard operating procedure (SOP) documentation.
• Participates in program reviews, product evaluations, and onsite certification evaluations.
• The ability to solve problems independently.
• Provides certification and accreditation support in the development of security and contingency plans and conducts complex risk and vulnerability assessments.
• Recommends system enhancements to improve security deficiencies.
• Develops, tests and integrates computer and network security tools.
• Secures system configurations and installs security tools, scans systems in order to determine compliancy and report results and evaluates products and various aspects of system administration.
• Conducts security program audits and develops solutions to lessen identified risks. Develops strategies to comply with privacy, risk management, and e-authentication requirements.
• Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.
• Evaluates, develops and enhances security requirements, policy and tools. Provides assistance in computer incident investigations.
• Performs vulnerability assessments including development of risk mitigation strategies.
• Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.
• Compiles and maintains internal standard operating procedure (SOP) documentation.
• Participates in program reviews, product evaluations, and onsite certification evaluations.

Salary Range: $150,000 - $190,000

General Description of Benefits

Required Skills:

• Must have a current Top-Secret Clearance with the capability of obtaining SCI / CI-Poly if needed to meet contract requirements.

Education:

• Bachelor's (or equivalent) with 5+ yrs of experience, or a Master's and 3+ of experience.

Skills - at least 5+ years of experience in:

• At least five years of experience performing various assessments (penetrations tests of systems and networks within a DOD Network Environment of enclave.
• Experience conducting vulnerability assessments using industry tools - NESSUS, Tenable, Kali, Burp Metasploit Core Impact, etc.

Desired Skills:

• Vulnerability Assessments using industry tools - NESSUS, Tenable, Kali, Burp Metasploit Core Impact, etc.
• Understanding of cloud security controls (e.g Azure, O365, AWS).
• Experience with Incident Response.
• Demonstrated success and understanding of accepted frameworks such as, ISO/IEC 27001, COBIT, and NIST, including 800-53.

Certifications:

• ISC)2 Certified Information Security Professional (CISSP).
• ISACA Certified Information Systems Auditor (CISA).
• SANs GIAC certification ( e.g., GPEN or GW APT).
• Offensive-Security, Certified Professional (OSCP).
• EC-Council Certified Ethical Hacker (CEH).

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis of race, color, religion, gender, age, national origin, citizenship, disability, veteran status or any other classification protected by federal, state, or local law. ECS promotes affirmative action for minorities, women, disabled persons, and veterans.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3800+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.

General Description of Benefits

This job has expired.