Search this site:
Career Opportunities
Job Title: Information Assurance Specialists
Locations:
Northern Virginia Area
Security Clearance: Yes
Relocation: No
Job Description:
SphereCom is seeking experienced Information Assurance Specialists to assist customers in developing secure information systems, including:
- Conducting security assessments on computer and communications systems
- Analyzing and administering DoD and/or NIST security controls
- Developing system security documentation for DoD and non-DoD information systems
- Performing system assessments using automated vulnerability scanning tools
- Researching, testing, and/or recommending new security software and devices
- Preparing and testing disaster recovery and contingency programs
Requirements:
Positions require 2-5 years of experience in conducting information assurance/information security activities, such as:
- System Security Certification and Accreditation (C&A)
- Security Test and Evaluation (ST&E) of information technology systems
- Information Security (INFOSEC) assessments
- Configuring and operating IA-enabled devices
- Preparation of security-related deliverables/documentation
Desired Qualifications:
- CISSP, CISM, or similar professional industry certification, desired
Job Title: Information Security Analysts / Information Security Engineers
Locations:
Northern Virginia Area
Security Clearance: Yes
Relocation: No
Job Description:
SphereCom is seeking experienced Information Security Analysts / Information Security Engineers to assist in designing, establishing, assessing, and maintaining the security posture of systems for its customers, including:
- Preparing white papers, work instructions, and other guidance to allow the customer to maintain a FISMA compliant risk management framework.
- Reviewing and updating policy documentation based on changes in FISMA guidance provided by OMB and NIST
- Developing and/or providing review comments on Certification and Accreditation and FISMA compliance documents
- Reviewing results of security control assessments and risk
- Providing recommendations on implementation of security controls to meet FISMA requirements
- Participating in the security design and architecture review of systems and/or applications
- Providing recommendations for correcting security weaknesses in applications and/or infrastructure
Requirements:
Positions require 2-5 years hands-on experience with government security risk management frameworks, as well as an understanding of FISMA and NIST guidelines.
Desired Qualifications:
- CISSP, CISM, or similar professional industry certification
Job Title: Network Operations Analysts
Locations:
Woodlawn, Maryland
Baltimore, Maryland
Security Clearance: Yes
Relocation: No
Job Description:
SphereCom is seeking experienced individuals to staff a Security Operations Center (SOC) for a major Government agency located in the Baltimore, Maryland area. Responsibilities include:
- Operating and monitoring Security Element Manager (SEM) and Intrusion Detection/Protection Systems (IDS/IPS)
- Reviewing daily logs and alerts from IDS/IPS sensors, firewall and content filters
- Identifying and reporting security events, analyzing and documenting security problems, and escalating high priority problems
- Measuring and modeling network traffic looking for patterns and ports
- Becoming proficient in the use of customer's internal ticketing system
- Analyzing data from security device logs
- Performing in-depth analysis of traffic through customer's network
- Identifying and documenting newly discovered vulnerabilities and exploits
- Applying new intrusion detection signatures and creating custom signatures as needed
- Producing monthly reports of IDS alert statistics and trends
- Producing ad-hoc and recurring reports
Requirements:
The ideal candidates will possess outstanding communications and interpersonal skills, and have the ability to problem solve. 2-5 years of hands-on experience and/or formal training in the operation of the ArcSight Security Information and Event Management (SIEM) product family. Positions require a minimum of three (3) years hands-on experience with government security risk management frameworks, as well as an understanding of FISMA and NIST guidelines.
Desired Qualifications:
- CISSP, Security+, Network+, or similar professional-level industry certification
- Vendor Certifications from SEM, IDS/IPS or other security equipment vendors