• Sr. Cyber Security Engineer SME III

    Job Location
    # of Openings
    Security Clearance
    Active Secret
    Percentage of Travel Required
    Regular Full-Time
  • Overview

    Lead reviews of emerging technologies and practices and provide recommendations for developing security guidance and standards at the enterprise level applicable in the planning and implementation of enterprise cyber security services and technical approaches. Supporting work would include identifying security threats, including current and emerging classes of exploits, vulnerabilities, and risks, then recommending suitable mitigation measures and security strategies which apply to the agency’s security defenses. Scope will include developing new threat analysis capabilities, operationalizing existing and new threat and vulnerability events, security breaches and/or malicious attacks while training and supporting our team and customer.


    Participate in IA meetings, boards such as TRB, CCB, program management reviews, and other related meetings and provide analyses that include recommendations to enable the Government to make informed decisions.


    • Prepare gap analysis and develop a list of priority security requirements
    • Prioritize the sensitivity and importance of systems and datasets for security protections
    • Provide systems engineering subject matter expertise to meet critical needs for independent assessments, engineering studies, and systems engineering and integration to assess the potential viability and cost-effectiveness of security solutions and their alignment to the agency information security architecture and policy
    • Provide enterprise systems engineering guidance, systems security technical guidance, expert technical advice, technology assessments (research and proof-of-concepts), acquisition analysis (AoAs), and independent technical reviews
    • Perform technical reviews or assessments of external or community support systems proposed for use to support the agency’s mission
    • Provide Security analysis, IA coordination among the different teams and final recommendations of Software Approval Requests (SARs)
    • Identify log and event sources including Active Directory Event logs, Routers, Switches, Firewalls, PCAP/Flow data, DNS, audit and authentication logs, VPN, IDS and other sensors
    • Provide a variety of written documents, including memoranda and engineering surveys or service reports detailing specific engineering services planned or performed, and regularly maintain Standard Operating Procedures (SOP) and Concept of Operations (CONOPS)
    • Utilize Splunk to support dashboard, report and other capabilities
    • Provide Cybersecurity and Threat Analyst services to support active cybersecurity incidents and events from the new Logging and Event Management turnkey solution
    • Support the analysis and logging of firewall events
    • Decommission existing SIEM tools while ensuring capabilities are migrated to Splunk
    • Initiate, maintain, and support all current and future transfers of log data such as Firewalls, IDS, IPS, DNS, DHCP, Web Proxy, Anti-Virus and SMTP
    • Evaluate communication security, data vulnerability, business continuity and compliance risks along with vulnerabilities/weaknesses in systems
    • Examine compliance with security controls and deficiencies, security policy, processes and procedures for completeness, and ensure that controls are adequate
    • Continuously review, correlate, and report on data from multiple new data sources including Skybox, Nessus, FireEye and various other information security operations software systems


    • Education:
      • Splunk, FireEye, Unix/Linux, Windows and/or Palo Alto firewall certifications
      • Bachelor's degree in Computer Science, Information Systems, Engineering, or other related discipline
    • Required Knowledge:
      • 10+ years’ experience in cybersecurity, infrastructure, and/or a technical field
      • Experience with Palo Alto and Juniper firewalls
      • Experience analyzing Firewall, IDS/IPS, DNS, DHCP, Web Proxy, Anti-Virus and SMTP data for security related concerns and events
      • AWS and VMware experience
      • Proficient with Unix/Linux and comfortable with CLI and RHEL
      • Experience and familiarity with IT management products and services
      • Experience with networking, server, application and development technologies
      • Small team management capabilities with strong written and verbal communication skills
    • Preferred Knowledge:
      • Splunk, RHEL, FireEye, ITSM Frameworks, VDI, Juniper firewalls
      • Domain expertise with IT operations, security or compliance is desirable
      • ServiceNow experience
      • Forensics experience

    Other Responsibilities

    • Perform other tasks consistent with the goals and objectives of the department/contract
    • Perform other duties as assigned by Sr Program Executive

    Invest in a company that invests in you! Copper River provides its employees with ample opportunities for career growth and development. Tuition reimbursement is offered to help employees further their education and skillset. Other perks include Open Leave, 401k matching with immediate vesting, Medical, Vision, and Dental coverage.


    EEO/AA Employer Minorities/Females/Vets/Disability


    Disclaimer: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.

