ShorePoint is a cybersecurity services firm with a focus on high-profile, high-threat private and public-sector customers who demand experience and proven security models to protect their data. We are seeking Blue Team Engineers with experience utilizing offensive tools and techniques to conduct exercises for a government agency that mimic both insider and external threats to operational systems and networks. Activities include, but are not limited to, network discovery, threat detection, forensic support and reporting. This is a unique opportunity to shape the growth, development and culture of an exciting and emerging company in the cybersecurity market.
Roles and Responsibilities
- Conduct automated and manual tests of information systems using industry-best tools, to include vulnerability scans, source code review and web application testing
- Develop test plans, perform tests and prepare after-action reports for information systems
- Document tests in accordance with agency regulations and SOPs
- Contribute to A&A, POA&M vulnerability management, and continuous monitoring efforts by providing trend analysis and briefings
- Utilize signature-based scanners, data collection tools, and hardware analysis tools to determine the footprint and impact of potential events
- Conduct SIEM reviews to ensure proper detection and notification of threat events
- Support vulnerability analysis and mitigation strategies to prevent additional occurrences of threat events
- The candidate should be comfortable researching and understanding a wide variety of information systems and emerging technologies
- Have a broad knowledge of security methodologies, solutions and best practices
- Have experience with multiple open source and commercial testing tools; a non-comprehensive list includes Nessus, App Detective, Metasploit, Burp Suite, and nmap
- Advanced understanding of the strengths and weaknesses of security tools with the ability to select the right tool for the job; ability to configure and troubleshoot tools if necessary
- Be comfortable using, configuring, troubleshooting, and administering both Unix/Linux and Microsoft operating systems; extensive systems engineering experience with at least one of these OSs
- Solid understanding of the security policies of the Department of Justice and FBI, as well as security guidelines published by the National Institute of Standards and Technology (e.g., SP 800-53 and SP 800-53A)
- Have the ability to think critically and creatively; capable of synthesizing and analyzing large amounts of data related to complex systems; ability to articulate thoughts and findings in a concise and comprehensive manner.
The ideal candidate must have an expert understanding of at least one of the following technologies and their security vulnerabilities:
o Web applications and technologies. Advanced understanding of application programming languages, application servers, Web services, and Web browsers. Candidate should also understand the vulnerabilities related to these technologies, as well as security best practices when using them. Candidate should also be able to use automated assessment tools and manual testing techniques to assess these applications. Familiarity with OWASP testing methodology is also required.
o Networking technologies. Advanced proficiency with various networking skills and technologies, including (but not limited to) Cisco hardware and IOS, firewalls, IDS and IPSs, packet analysis, and high level network architecture fundamentals.
o Enterprise solutions, storage and databases. Advanced understanding of relational databases, database management systems, enterprise storage solutions, and security concerns specific to these technologies.
o Cross domain solutions and trusted operating systems. Advanced experience with a range of Cross Domain Solutions, or CDSs, and advanced understanding of the unique security requirements of CDSs and trusted OSs such as Trusted Solaris 8, Solaris 10 with Trusted Extensions, and Security-Enhanced Linux (SELinux).
o Virtualization technologies. Advanced experience with VMware products, Microsoft virtualization technologies and/or similar technologies.
o Mainframes. Advanced understanding of mainframe hardware, OSs, networking, and security best practices.
Must have one of the following certifications: CISSP, ISACA, OSCP, CISA, GPEN or GWAPT, C|EH
Bachelor’s degree or ten (10) years of IT experience
Top Secret with SCI eligibility and ability to pass a Counter-Intelligence (CI) polygraph