Engility delivers innovative solutions to critical challenges facing the nation and the world. As a premier provider of integrated services for the U.S. government, we support the Department of Defense, intelligence community, space communities, federal civilian agencies and international customers. Engility is dedicated to making lives better, safer and more secure.
Are you a problem solver? Do you like complex, challenging puzzles? Do you enjoy traveling and experiencing new environments? If so, this position may be a perfect fit for you. The candidate will be a key player in supporting and evolving the processes, procedures and methodologies for implementing and executing exploitation, analysis, and instruction activities in support of Cyber Protection Teams (CPTs). The candidate will be involved throughout all phases of the CPT mission. Although not all inclusive, the position involves a blending of several disciplines to include, but not limited to; forensics analysis, incident response, reverse engineering, code/script development, and knowledge of network ports, protocols and services.
More specifically, the candidate will:
- Demonstrate an ability to methodically and proactively analyze problems and offer solutions.
- Perform as part of an Incident Response Team – possess knowledge of cyber incident and response, forensics, and related current events.
- Understand and be well versed in common cyber threat terminology, vulnerability and basic knowledge of penetration test principles and methodologies.
- Exhibit good writing and communications skills, to include the ability to render concise reports, summaries, and formal oral presentations.
- Willing to travel 30% of the time with trips varying in length, as dictated by the customer.
- Possess a TS/SCI with CI/Poly or possess a TS/SCI and successfully complete CI Poly requirements within an established time-frame.
- Must possess or be willing to obtain an IAT Level III certification: CISSP (or Associate), CASP, CISA, GCED, GCIH, or CCNP-Security.
- Must be willing to obtain additional certifications as required including MCSA Windows Server 2012 or higher.
- Minimum Bachelor’s degree and 2-years’ experience, Associates degree with 4-years’ experience or 6-years’ equivalent experience without a degree; degrees focused on engineering or applied science.
- Must complete self-assessment questionnaire, customer pre-screen, skills assessment lab, and pass the training and certification program(s) as dictated by the customer, and remain mission ready qualified.
- Candidate should be self-motivated with minimal supervision.
- Intermediate “hands-on” experience with PowerShell and WMI capabilities.
- Intermediate knowledge in packet analysis using Wireshark, tcpdump, Splunk, ELK, Bro, etc.
- Ability to operate and navigate UNIX/Linux operating systems from the command prompt/line with ease.
- Familiarity with common forensics tools and capabilities (i.e., EnCase, Forensic Toolkit (FTK)).
- Cisco knowledge preferred.
- Forensic/Incident Response associated certification preferred (i.e., GCIH, GCFA, GCFE, EnCE certifications).