Security Engineer Consultant

03 Jun 2024

Vacancy expired!

Capgemini Government Solutions (CGS) LLC is seeking a highly motivated Security Engineer to join our Cyber Security team to support our clients' cyber requirements, and a new requirement for our customers. They provide full cooperation to the appropriate teams for participating in cyber investigations. If you are passionate about working in a highly collaborative Cyber environment, we want to hear from you. The successful candidate will have the opportunity to apply and grow their skillset in, work with a motivated and entrepreneurial team, engage with a wide range of stakeholders, and build CGS capabilities.

As a Lead Security Engineer, you will:
  • Monitor the security tools (including but not limited to a SIEM-based solution, IPS/IDS, Firewall, Anti-Malware, Endpoint Security, Web Application Firewall, etc.) to maintain situational awareness to satisfy the CEM 24x7 monitoring requirement.
  • Proactively protect the client's environment.
  • Look for unusual activity by reviewing all available information including (but not limited to) the above-referenced tools and investigate any unusual detected activity.
  • Investigate all security alerts received by the CEM. Investigations will make use of all tools and log files possible. Investigations will determine if the alert is a false positive, a security event, an actual attack, and/or a security incident.
  • Investigation will answer and report on the who, what, where, when, and how of the occurrence. Investigations will report on any actions taken to contain and/or remediate the situation and include any recommendations for further action. Investigations will include a historical summary of previous investigations of the same alert.
  • Investigate anything requested by management or the CSO at their discretion. The investigation will be performed as described above.
  • Provide cybersecurity root-cause analysis in support of any tickets for which it fails to meet the Acceptable Quality Levels (AQLs) specified in the Performance Requirement Summary (PRS). This root-cause analysis will include documenting recommendations for corrective action.
  • Escalate any security incident (the confidentiality, integrity, or availability of any information or information asset is negatively impacted) to the Incident Response (IR) team. Further, the CEM analyst will enlist the assistance of IR for any situation that exceeds the skills of the CEM analyst / team, or that requires more manpower than is available to the CEM team.
  • Perform a shift handoff at the end of every shift. The shift handoff will provide situational awareness to the incoming shift. The shift handoff will also instruct the incoming shift to continue/finish investigations, reports and other work that was not completed by the outgoing shift, and provide all details required for the incoming shift to easily pick up the work where it was left off. The shift handoff information will be recorded in the shift report in the format described in the shift report SOP.
  • Will write and distribute reports, including but not limited to the Shift Report, the Daily Virus Report, the Daily Activities Report, Daily Shift Tracker, the Weekly Activities Report, the Blue Coat Report, Investigation Reports, etc., as described in their respective SOP, ad hoc - as the need arises, or as directed by management.
  • Will write reports on investigations, other reports, emails or any other communications that use proper spelling and grammar, are easily understood, logically constructed, and complete to the point that no likely questions remain unanswered.
  • Will process and complete tickets received from ServiceNow such as Non-Standard Software Requests, Unblock Requests, Lost and Stolen, etc., in the manner as described in their respective SOPs. Any ServiceNow tickets not completed and closed by the end of the shift must be handed off to the next shift for completion.
  • Will process and complete tickets received from CDC Tracker. Any CDC Tracker tickets not completed and closed by the end of the shift must be handed off to the next shift for completion.
  • Will investigate all reported suspicious emails and determine whether the email is malicious, non-malicious or legitimate. The CEM analyst will categorize and file reported email messages to support tracking and reporting activities. The CEM analyst will reply to the user who reported the suspicious email with a message reporting the determination and any recommendations.
  • Will maintain their laptop and all software therein in a state of readiness necessary to support all activities required of the CEM analyst.
  • Will read all email messages they receive and handle each as required by either responding, investigating, reporting, acknowledging, filing and categorizing for future reference, etc.
  • Will attend all meetings and conference calls that may be required. The CEM analyst will take notes as appropriate and report pertinent information to the rest of the CDC as appropriate.
  • Will update their timesheet daily and keep it current as of the close of that day.
  • Will assist coworkers where necessary, including but not limited to onboarding, training, investigations, reports, etc.
  • Will complete required periodic training such as Security Awareness Training, Privacy Training, Sexual Harassment Training, etc.

Required Qualifications:
  • Bachelor of Science in Computer Science, Systems Engineering, Cybersecurity, Information Technology or related area.
  • Minimum of 1 year of experience in a Security Operations Center (SOC) environment; exceptions may apply based on other factors.
  • 5+ years of experience in a Security Operations Center (SOC) environment.
  • As needed (not often), provide after-hours and weekend support.
  • Significant experience installing, configuring, and maintaining numerous security tools and technologies to include the following (and/or comparable) security technologies:
  • SIEM Splunk Enterprise Security (ES)
  • McAfee Network Security Manager (NSM) Intrusion Detection/Protection System (IDS/IPS) and associated sensors.
  • Imperva Web Application Firewall (WAF)
  • Symantec Endpoint Protection (SEP)
  • Must =

Preferred Certification:
  • Security + (Preferred)
  • Network

Company Overview:

A global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation to address the entire breadth of clients' opportunities in the evolving world of cloud and digital platforms. Building on its strong 50-year heritage and deep industry-specific expertise, Capgemini enables organizations to realize their business ambitions through various services from strategy to operations. Capgemini is driven by the conviction that the business value of technology comes from and through people. It is a multicultural company of 300,000 team members in over 40 countries. The Group reported 2021 global revenues of EUR 17.2 billion. Capgemini Government Solutions, LLC (Capgemini GS) is a subsidiary of Capgemini focused on providing high-quality services to the U.S. Federal Government. Learn more about us at www.capgemini-gs.com.

Capgemini has an entrepreneurial environment that embodies the following values: Honesty, Boldness, Trust, Freedom, Team Spirit, Modesty, and Fun. We offer a competitive benefits package to our employees. Capgemini is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender identity/expression, age, religion, disability, sexual orientation, genetics, veteran status, marital status, or any other characteristic protected by law.

EEOC: https://www.eeoc.gov/sites/default/files/migratedfiles/employers/posterscreenreaderoptimized.pdf

Pay Transparency: https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp%20EnglishformattedESQA508c.pdf

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)

  • ID: #42333987
  • State: Virginia McLean 22101 McLean USA
  • City: McLean
  • Job type: Permanent
  • Showed: 2022-06-03
  • Deadline: 2022-08-01
  • Category: Et cetera