Security Engineer

Company Name:
Cynetra Systems
: Security Engineer
Location: Reston, VA (with occasional travel to Urbana)
Duration: 6+ months, upwards to a year
Citizenship: TN, Green Card, US Citizen
Interview Process: Phone Interview / Onsite, in-person interview
Must Have's:
- Evaluate Web Application Firewalls (WAF) to select the best product. - Develop test plans to evaluate WAF such that they match the requirements. - Testing and evaluation of the WAFs and provide the results to management. - Develop the design and Architecture for the WAF placement. - Configure, deploy and setup the WAF. - Document the test plans, capture test results, and track issues/risks. - Comply with the company change management policies and procedures. - Develop all the required documentation such as Implementation plan, backout, shakeout, etc. - Develop Operational procedures for ongoing maintenance of the WAFs. - Provide updates and status to the
on an ongoing basis. - Complete adhoc tasks and activities requested by the manager to support the projects.
Prefer to see candidates with CISSP certification
5+ years of overall IT security experience is required
Candidates with the following background will be highly qualified for this position:
- Experience w/ Web Application Firewall deployment - Experience w/ vendor product selection process, WAF products preferred - Experience w/ developing product selection evaluation testing scenarios based on requirements, WAF products preferred - Experience w/ documenting evaluation results, scoring, pros and cons, and be able to facilitate the decision making process - Experience w/ leading in-house vendor production proof of concept, discussing requirements w/ vendors, asking probing questions, executing test cases and documenting results - Experience w/ managing vendor selection schedule

Manager notes:
Team: responsible for providing new solutions, new functionalities, patching, and upgrades of software. If there is an issue with software, this team works on providing solutions to that issue.
CISSP Certification:preferred for both roles, but not required.
Please do not submit analysts to these roles; this will waste everyone's time.
o Currently, FM has a need that requires this team to find a solution for. The potential solution could be implementing a new application firewall, which would prevent hackers or malware from getting to the application. The team just kicked off this project, but the manager wants this resource to evaluate solutions in the market that meets the requirements outlined by the need for a new application firewall. This resource will build test cases, evaluate products based on the requirements set forth, and develop evaluation criteria that will determine the success of the new products. From there, they will bring the products in- house, run test cases on them, test the product, and determine which product tested is the best fit based on the following mandates:
Meets FM requirements
How easy it is to manage/maintain
They will then work with various teams configure and set up policies that ensure the product complies with FM's change policy as well as all of FM's approvals and checkpoints. During deployment, this person will document everything (test plans, design plans, back-out & shakeout, etc.) to make sure it meets all compliance.
o Once the product is implemented and going through UAT, this person will also develop the operations manual which will be used for ongoing management and maintenance.
o Background and Stand Out Resumes- Anyone with a network background or application security background will stand out the most for this manager.

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.