Cyber Security Project Engineer - Alexandria

Overview:

The Client also requires software development to maintain an online infrastructure, evaluating and extracting relevant data, web development, and software coding.

In return, Acuity Inc offers a great company culture with wonderful work/life balance and a robust compensation package which includes Health/Dental/Vision, up to $6K training & professional development benefit annually, 401K matching, corporate events/team-building and more!

Acuity was awarded "Best Places to Work" by the Washington Business Journal for over 8 years (2010 - 2014, 2015, 2017-2021, 2023, 2024) and "Top Workplaces" by Washington Post (2022, 2023, 2024). www.myacuity.com

If you have technical experience and a passion for making a difference, we might be the right fit for you.

Responsibilities:

What you 'll be doing:

• Shall perform technical risk assessments and provide technical risk mitigation guidance on the use of various enabling technologies.
• Shall gather Body of Evidence (BOE) and assess artifacts, such as CONOPS, use cases, detailed network diagrams, technical design details, procurement methods, and System Security Plan (SSP) to get a holistic view of the interworking parts of a given technology implementation being evaluated, from which real insights can be derived to inform risk assessor’s judgement.
• Shall apply consistent and systematic investigative practices to comprehensively assess risks, identify and characterize threats and vulnerabilities.
• Shall evaluate system or network operations using network management platforms, network scanning tools, auditing functions, PCAP captures, and log reviews.
• Shall analyze system, network, or cloud configurations for mis-configured settings, configurations not required for deployment, removal of test scripts to minimize the configuration to fulfill the specific deployment.
• Shall analyze hardware and software used in a system or network for origin of manufacturer, known vulnerabilities, outdated hardware or software.
• Shall remain current with existing and future technologies to assist the Client with identifying associated risks of implementing proposed technologies.
• Shall provide guidance of potential cyber threats, attacks, and exploitations and advise decision-makers of the inherent risks and mitigation to the Client’s equities.
• Shall ensure appropriate risk mitigation considerations are baked in early in the development cycle, and risks and vulnerabilities are well understood and appropriately mitigated.
• Shall organize and schedule work to effectively manage a case load.
• Shall track, document, and communicate progress status updates and weekly status updates on all technical risk assessment reports, cases describing potential security concerns and mitigations to enhance security posture.

Qualifications:

Required Skills:

• Demonstrated experience analyzing IT systems for cyber security vulnerabilities.
• Demonstrated experience developing IT system or network architecture design, conducting IP data flow analysis, encryption configuration, and vulnerability analysis using both open-source and commercial tools, such as Nmap, Wireshark, Metasploit, Canvas, Kismet, or BackTrack.
• Demonstrated experience analyzing IT network configurations of devices such as firewalls, routers, switches, VPNs, or Intrusion Detection/Prevention Systems for cyber security vulnerabilities.
• Demonstrated experience with communications protocols such as IP, TCP, UDP, HTTP, HTTPS, MPLS, OSPF, IGRP, BGP, SIP, H.232.
• Demonstrated experience with multiple OS’s, including Windows, Linux, and OSX.
• Demonstrated experience with Microsoft Windows ver.; 7, 8, 10, 2008R2, 2012, 2012R2, or 2016.
• Demonstrated experience with cloud computing technology and hypervisors such as HyperV, VMWare ESX, or Virtual Box.
• Demonstrated experience with transitioning security domains and use of cross domain appliances.
• Demonstrated experience with network management systems, network storage, backup systems, and disaster recovery (DR) architectures.
• Demonstrated experience performing technical risk assessments and providing technical risk mitigation guidance.
• Demonstrated experience ensuring appropriate risk mitigation considerations, risks and vulnerabilities are well understood and appropriately mitigated.
• Demonstrated experience analyzing procurement processes of hardware, software and services to comply with cyber security and operational needs.
• Demonstrated experience creating concise and well-structured written assessments.
• Certifications: CISSP Certification.

Preferred Skills:

• Demonstrated experience with the Client’s IT review boards.
• Demonstrated experience with providing recommendations to IT architecture and design reviews.
• Demonstrated experience with the Sponsor’s security policies and regulations.
• Demonstrated experience providing recommendations in technical standards, security standards, and operational assurance.
• Demonstrated experience with USG standards such as Intelligence Community Directive (ICD) 503, Federal Information Processing Standards (FIPS), National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37, SP 800-39, SP 800-53, SP 800-53A, SP 800-60.
• Certifications: Certified Information Security Manager (CISM), Certified Ethical Hacker.

Clearance Requirements:

• TS/SCI w/Poly

About Acuity:

Acuity, Inc. is a leading management and technology consulting firm that specializes in serving the federal government. Our innovative, collaborative and rewarding work environment has earned repeat honors from the Washington Business Journal’s Best Places to Work and SmartCEO Corporate Culture awards.

• Innovative Excellence: Recognized by The Washington Post's "Top Workplaces" and a nine-time recipient of the Washington Business Journal's "Best Places to Work," Acuity fosters an environment where innovation thrives and employees flourish.
• Competitive Compensation: We value our employees and show it through highly competitive compensation and benefits packages.
• Personal Growth: Your potential isn't just recognized at Acuity, it's actively cultivated. With tailored training, mentorship, and cutting-edge resources, we empower you to thrive personally and professionally.
• Recognition and Visibility: Stand out in a competitive industry with Acuity's exceptional customer feedback and robust opportunity channels.
• Collaborative Culture: At Acuity, teamwork isn't just a buzzword – it's the cornerstone of our success. Encouragement and support fuel our collaborative culture, where every voice matters.
• Diversity and Inclusion: Diversity isn't just a checkbox – it's who we are. At Acuity, we pride ourselves on recruiting and maintaining a workforce that celebrates diversity and treats every employee with dignity and respect.

Join Acuity, where your talents are valued, your growth is nurtured, and your impact is amplified. Together, let's shape the future of digital strategy and technology consulting.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.