Linux IA Engineer
The Linux Engineer applies current technologies to the design, development, evaluation and integration of computer information systems and networks to maintain system security. Works with commercial computer product vendors in the design and evaluation of state-of-the-art secure COTS applications, operating systems, networks and database products and technology. Provides security engineering and integration services to internal customers. Involved in a wide range of issues including secure architectures, secure electronic data traffic, network security, information security and privacy. Develops security systems for any manual or automated systems environments. Responsible for ensuring the protection of company data against unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification.
Must have a TS / SCI Clearance
•Proficiency with configuration management using Ansible or Puppet
•Skilled in Linux-related scripting (Bash, Perl, Python, etc.)
•Experience with Apache web server configuration and management
•Management, deployment and troubleshooting of Java and Tomcat applications
•Experience analyzing and evaluating the security of new and existing IT systems and the procedures to protect information system assets from intentional or inadvertent modification, disclosure, or destruction.
•Experience analyzing and evaluating the design and operating effectiveness of Information technology and security controls that are in place.
•Knowledge of Red Hat version 6 or 7(rhel6/rhel7).
•Experience evaluating security solutions to ensure they meet security requirements for processing classified information.
•Perform vulnerability/risk assessment analysis to support certification and accreditation.
•Provides configuration management (CM) form information system security software, hardware, and firmware.
•Manage changes to system and assesses the security impact of those changes.
•Prepare and review documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, etc.
•Experience and/or familiarity with Certification and Accreditation (C&A).
•Experience and/or familiarity with Secure Technical Implementation Guides (STIGs), Information Assurance Vulnerability Alert (IAVA), DCID 6/3, Federal Information Security Management Act (FISMA) and other tools using industry best practices
•Comprehensive knowledge and understanding of best practices, trends related to information security
•Strong research, analytical, and problem solving skills
•Good communication skills including preparing and presenting results, findings and alternatives and influencing management decision making based on the best available data
•Ability to provide security services for certification and accreditation (C&A) requirements, including developing and maintaining information assurance documentation for all network components.
• Knowledge of open source and commercial assessment tools such as: nMap: Nessus Enterprise /Security Manager; Nexpose, Qualys, Imperva, Fortify, HP Webinspect, AppDetective; Burp Suite or similar application testing tools
• Demonstrable passion for threat analysis, research and service excellence
• Investigative and analytical problem solving skills, and critical thinking and contextual analysis abilities
• Strong hands-on and can-do attitude, excellent interpersonal and intercultural skills, ability to work in teams of technical and non-technical experts
• Knowledge in FISMA, PPSM, ICD 503, RMF, JSIG, DIACAP
• Training/certification in any of the following strongly desired:
Training/certification in any of the following strongly desired:
• Red Hat Certified System Administrator (RHCSA)
•Bachelor's degree in Science, Technology, Engineering or Mathematics and a minimum of 6 years of prior relevant experience.
• Master’s degree in a related discipline may be substituted for two (2) years of experience
•Eight (8) years of experience (for a total of fourteen (14) or more years) may be substituted for a degree