• Cyber Security Engineer

    Job Location
    Springfield, VA
    # of Openings
    Security Clearance
    Active Secret Minimum; Active Top Secret Preferred
    Percentage of Travel Required
    10% or less
    Regular Full-Time
  • Overview

    Maintain and improve upon the existing security capabilities in support of customers' protected data and assets. Scope will include developing new threat analysis capabilities and operationalizing existing and new threat and vulnerability events, security breaches and/or malicious attacks, while training and supporting our team and customer.


    • Identify log and event sources including Active Directory Event logs, Routers, Switches, Firewalls, PCAP/Flow data, DNS, audit and authentication logs, VPN, IDS, and other sensor field tools and technologies
    • Make recommendations on new threat feeds and tools to help evolve automated threat capabilities as well as aid in forensic and historical investigations
    • Utilize Splunk to support dashboard, report and other capabilities to support the Cyber Security Program
    • Provide Cybersecurity and Threat Analyst services to support active cybersecurity incidents and events from the new Logging and Event Management turnkey solution
    • Support the analysis and logging of Firewall events
    • Decommission existing SIEM tools while ensuring capabilities are migrated to Splunk
    • Initiate, maintain, and support all current and future transfers of log data such as Firewalls, IDS, IPS, DNS, DHCP, Web Proxy, Anti-Virus and SMTP (IronPort as needed)
    • Evaluate communication security, data vulnerability, business continuity and compliance risks along with vulnerabilities/weaknesses in systems
    • Examine employee compliance with security controls and deficiencies, security policy, processes and procedures for completeness, and ensure that controls are adequate to protect sensitive information systems
    • Continuous review, correlation, and reporting on data from multiple new data sources including DLP, Multi-Factor Auth, FireEye, and various systems
    • Provide additional training services to the Agency staff as requested


    • Education:
      • Degree in a related field
    • Required Knowledge:
      • 5+ years of experience in cybersecurity, infrastructure, and/or technical field
      • Experience with Checkpoint and/or Juniper firewalls
      • Proficient with Unix/Linux and comfortable with CLI and RHEL
      • Experience analyzing Firewall, IDS, IPS, DNS, DHCP, Web Proxy, Anti-Virus and SMTP data for security related concerns and events
      • Experience with Unix/Linux and comfortable with a CLI environment
      • Experience and familiarity with IT management products and services
      • Experience with networking, server, application and development technologies
      • Domain expertise with IT operations, security or compliance is desirable
      • Strong written and verbal communication skills
    • Preferred Knowledge:
      • Splunk, RHEL, ITSM Frameworks
      • Splunk, FireEye, Unix/Linux, Windows Server, Checkpoint and/or Juniper firewall certifications are a plus

    Other Responsibilities

    • Perform other tasks consistent with the goals and objectives of the department/contract
    • Perform other duties as assigned by Sr Principal Engineer

    Invest in a company that invests in you! Copper River provides its employees with ample opportunities for career growth and development. Tuition reimbursement is offered to help employees further their education and skillset. Other perks include Open Leave, 401k matching with immediate vesting, Medical, Vision, and Dental coverage.


    EEO/AA Employer Minorities/Females/Vets/Disability


    Disclaimer: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

