Network Security Engineer (Public Trust Clearance)

Sonsoft , Inc. is a USA based corporation duly organized under the laws of the Commonwealth of Georgia. Sonsoft Inc. is growing at a steady pace specializing in the fields of Software Development, Software Consultancy and Information Technology Enabled Services.

The essential functions/responsibilities for this role:

• Provide hands-on configuration, operation and monitoring of all IT network security devices to include firewalls, remote access appliances, and anti-virus solutions.
• Develop and implement proactive IT security measures and practices to protect customer systems from exploit – specifically focused on firewalls, external access control points, and vulnerability assessment/mitigation.
• Be prepared to offer security-related guidance on business processes, emerging technologies and acquisitions, and vulnerability assessment/mitigation approaches.
• Conduct risk and vulnerability assessment at the network, system and application level.
• Conduct reviews of each system's audits and monitors corrective actions until all actions are closed.
• Analyze, troubleshoot, and investigate security-related, information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts.
• Prepare investigative reports to be submitted to US-CERT.
• Identify and manage projects related to IT security and overall enterprise operations and maintenance, to include the task delegation and status reporting while coordinating activities within the Network and Systems teams and across the IMT department.
• Develop and document detailed processes and procedures related to the analysis of security vulnerabilities, auditing of key security factors, and notification/mitigation of security findings.
• Produce detailed reports of auditing activities that demonstrate proactive management of enterprise security.
• Maintain and update relevant system and process documentation and develop ad-hoc reports as needed.

The person must possess most of the following Knowledge, Skills and Abilities, and perform some of the following duties:

• Possesses familiarity with various aspects and components of information security (encryption methods standards, real-time intruder detection, perimeter security, event correlation, authentication services, vulnerability analysis, and incident handling and forensics, Public Key Infrastructure (PKI) and two-factor authentication solutions.)
• Analyzes and reviews IT and physical security events, and traffic flows escalated from automated detection systems utilizing commercial Security Incident and Event Management (SIEM [Tripwire software]), Intrusion Detection and Prevention Systems (IDS/IPS [Palo Alto, Cisco ASA, McAfee, Ironport software]) and log management and database activity monitoring.
• Exhibits knowledge and experience with common attack methodologies; common types of security vulnerabilities, and malware analysis, and evaluates, plans and recommends long and short term changes to the security architecture designed to improve security posture.
• Possesses recent (within 1 year) and relevant practical experience using Retina, Gold Disk, Wireshark, Snort, Logger, Nessus, NeXpose, Metasploit, and other security and web assessment tools.
• Possesses experience building and maintaining System Security Plans, Incident Response Plans, Contingency Plans and Exercises, Continuity of Operations Plans and exercises, Risk Management Plans and Vulnerability Management Plans in accordance with FISMA, and NIST guidelines.
• Possesses experience directing remediation efforts, building Residual Risk Reports and tracking and executing an IT security Plan of Action and Milestones (POA&M).
• Possesses experience performing Privacy Impact Assessments (PIA) and enacting best practices protecting Personally Identifiable Information (PII).

Public Trust Clearance required for the job.