IA Engineer Lead

The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solutions and the integrity of our people. Explore what you can bring to our solutions in the areas of cyber, cloud and enterprise security.

Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment!

This position will be Remote.

Responsibilities:

* Performing technical (evaluation of technology) and non-technical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas (e.g., local computing environment, network and infrastructure, enclave boundary, supporting infrastructure, and applications)

* Conducting and/or supporting authorized penetration testing on enterprise network assets

* Making recommendations regarding the selection of cost-effective security controls to mitigate risk (e.g., protection of information, systems and processes)

* Preparing assessment reports that identify technical and procedural findings, and provide recommended remediation strategies/solutions

* Leading compliance framework assessments (e.g., NIST 800-53, HIPAA, SOC-2)

* Maintaining deployable cyber defense assessment toolkit (e.g., specialized cyber defense software and hardware) to support cyber defense assessment missions

* Formal written and verbal communication with customer leadership and technical staff regarding assessment findings and reports

* Virtual team communication via multiple collaboration tools with team members and leadership

* Leading small to mid-sized projects with oversight and guidance from manager

Qualifications:

* Bachelor's Degree in Cybersecurity, Computer Science, Mathematics, Information Technology or related field, and 8 years of experience of a Master's and 6 years of experience; equivalent experience and professional training/certifications to offset degree requirements will be considered

* Five years minimum of experience in information assurance/cybersecurity

* Clearance eligible required; Current clearance preferred (i.e., DoD Secret)

* The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship

Must possess one of the following certifications:

* Certified Information Systems Security Professional (CISSP)

* Certified Ethical Hacker (CEH)

* Systems Security Certified Practitioner (SSCP)

* Offensive Security Certified Professional (OSCP)

* Security+

* Certified Authorization Professional (CAP)

Skill in:

* Conducting vulnerability scans and recognizing vulnerabilities in security systems

* Conducting application vulnerability assessments

* The use of penetration testing tools and techniques

* Using network analysis tools to identify vulnerabilities

* Assessing compliance with standard configuration baselines (DISA STIG/SRC, CIS Benchmark)

* Assessing the application of cryptography

* Assessing the robustness of security systems and designs

* Mimicking threat behaviors

* The use of social engineering techniques

* Performing impact/risk assessments

* Identifying systemic security issues based on the analysis of vulnerability and configuration data

* Assessing security controls against recognized compliance frameworks (e.g., NIST 800-53)

Knowledge of:

* Application vulnerabilities

* Computer networking concepts and protocols, and network security methodologies

* Network traffic standards and technology (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], etc.)

* Penetration testing principles, tools, and techniques

* System and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)

* Risk management processes (e.g., methods for assessing and mitigating risk)

* Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)

* National and international laws, regulations, policies, and ethics as they relate to cybersecurity

* Industry standard compliance frameworks (e.g., NIST 800-53, CIS Control Framework)

* Cybersecurity principles

* Cyber threats and vulnerabilities

* Specific operational impacts of cybersecurity lapses

* Cryptography and cryptographic key management concepts

* Host/network access control mechanisms (e.g., access control list)

* Network access, identity, and access management (e.g., public key infrastructure [PKI])

* Network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services

* Basic system administration, network, and operating system hardening techniques

* General attack stages (e.g., foot printing and scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks)

* System administration concepts for Unix/Linux and/or Windows operating systems

The successful candidate must meet eligibility requirements to access sensitive information, which requires US citizenship.

Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment.

Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. Telos offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future.

Telos Corporation and its subsidiaries are committed to equal opportunity for all, without regard to race, religion, color, national origin, citizenship, sex, sexual orientation, gender identity, age, veteran status, disability, genetic information, or any other protected characteristic. Telos Corporation will make reasonable accommodations for known physical or mental limitations of otherwise qualified employees and applicants with disabilities unless the accommodation would impose an undue hardship on the operation of our business. If you are interested in applying for an employment opportunity and feel you need a reasonable accommodation pursuant to the ADA, please contact us at 1-800-283-1911. If you require relay service assistance, please click on the following link to review information on your state's relay service: https://www.fcc.gov/accessibility.

Telos Corporation is an EEO/AA employer.