Established in 1946, with headquarters in Washington, D.C., American Institutes for Research (AIR) is an independent, nonpartisan, not-for-profit organization that conducts behavioral and social science research and delivers technical assistance both domestically and internationally. As one of the largest behavioral and social science research organizations in the world, AIR is committed to empowering communities and institutions with innovative solutions to the most critical challenges in education, health, workforce, and international development.
We are currently searching for a Systems Engineer - Cyber Security specializing in server/network security for our Washington, DC headquarters.
Position is responsible for the following:
? Have overall responsibility for configuration control of security architecture tools and services, including but not limited to:
? Application Whitelisting Software tools
? Log aggregation tools
? IPS/IDS signatures and scripting
? Firewalls and Security Gateways
? Conducts risk and vulnerability assessments of information systems to identify vulnerabilities, risks, and protection needs and work with rest of Operations Team members in remediating those findings.
? Participate in the research, design, test and recommend security controls for server, network switches, routers and storage infrastructure
? Work within the IT Service Operations Team to respond to alerts, identify and address threats in a timely manner.
? Monitor metrics associated with security controls to ensure controls are tuned for peak effectiveness. Evaluate, recommend and adjust work processes as necessary to correct adverse trends.
? Ensure environment is hardened to industry accepted standards and tuned to the extent practicable to prevent non-authorized personnel from accessing server infrastructure.
? Measure, identify, and remediate systems that do not meet minimum security standards.
? Work with operations teams to troubleshoot and resolve operational issues involving security controls.
? Manages, documents and executes on security configuration, patching, application white listing, hardening, scanning, monitoring, and metrics for all security appliances and infrastructure systems.
AIR offers an excellent compensation and benefits package, including a fully funded retirement plan, generous paid time off, commuter benefits, and tuition assistance. To apply, please go to TBD. Candidates must apply online for consideration. EOE.
? Minimum of 5 years server security experience in mid-sized to large IT organizations.
? Education Level: Bachelor's degree in Cyber Security or related field; Master's preferred
? Must have experience with security technologies including firewalls, application white listing, server configuration control, logging and monitoring tools, antivirus, and mail security systems.
? Must have in-depth, hands-on experience with security features and system administration of Linux and Windows OS.
? Must have an understanding of security vulnerabilities in common operating systems, web and applications servers, including knowledge of remediation procedures.
? Experience or understanding of multiple security standards common to the Federal Government (NIST, FISMA, etc.)
? Experience analyzing new requirements and making security recommendations based on business objectives.
? Must have experience implementing and maintaining security controls and best practices.
? Experience working with CheckPoint Firewalls.
? Excellent communication skills and ability to work collaboratively across all business units.
? Experience working with Nessus vulnerability scanner is preferred.