Job Details

Cyber Security Engineer
MBA Consulting Services, Inc. (MBA) is a federal government IT systems integrator committed to delivering solutions that solve mission challenges with agility, experience, and innovation. As a mission-focused integrator, we provide a comprehensive range of informationtechnology, engineering, professional services, and facilities management solutions. We have proven expertise in delivering custom data analytics, digital services, systems engineering, human factor engineering, and infrastructure solutions.

MBA is headquartered in Chantilly, Virginia, has more than 350 employees, and is in 46 locations worldwide. With proven leadership and a 20-year heritage, our reputation has been forged by acquiring and developing the best talent in a values-driven culture of integrity, respect, and quality solutions.

MBA CSi is supporting the US Postal Service Engineering Systems (ES) organization to expand its Mail Processing Operational Technology security oversight with a Security Team to continue to further enhance cyber security support functions, including process improvements, risk assessments and validation. ES is intending to augment its resources with additional technical support staff from professionals in cyber security with a broad portfolio of cyber security fields capable of conducting assessments and analytics, utilizing tools and techniques, and establishing procedures and methodologies that will be leveraged to assist in enhancing its cyberspace. Areas of support include updating and responding to cyber risks, security architecture design reviews, assistance during independent security reviews and audits, OS and application security patch management, updates to policies and standards, and advanced security-level evaluation, documentation, training and testing.

We are seeking a Cyber Security Engineer to join the Security Team to support and improve cyber security in Mail Processing Equipment and Material Handling Equipment (MPE/MHE) systems managed by the USPS ES. The Security Team will provide the resources to build upon existing USPS capabilities to support software and system security tasks to include:

1. MPE/MHE System and Software Security
2. Security Assessments and Patch Management
3. Network Traffic Management

As a Cyber Security Engineer, you will support providing hardware and software security for Mail Processing & Distribution equipment in a production environment. You will search for vulnerabilities in software, hardware, networks, and data centers and design strategies and defensive systems to protect against attacks and threats. You will work with other members of the team and utilize their talents (Network Engineer, DevSecOps Engineer, Test Engineer) to evaluate, analyze, plan, test, and deploy a secure production environment.

The Cyber Security Engineers:

• Conduct threat and risk analysis and analyze the business impact of new and existing systems and technologies to eliminate risk, performance, and capacity issues.
• Implement vulnerability assessments and configure audits of operating systems, web servers, and databases and detect patterns, insecure features, and malicious activities in the infrastructure.
• Perform research, testing, evaluation, and deployment of security technology and procedures.
• Run diagnostics on any changes to data to verify any undetected breaches.
• Develop custom systems for specialized security features and procedures for software systems, networks, data centers, and hardware.
• Develop and implement information security standards, guidelines, and procedures.
• Develop firewalls to secure the network infrastructure.
• Keep current with new intrusion methods and develop protection plans.
• Conduct counteractive protocols and report incidents.
• Offer customized risk ratings for vulnerabilities and maintain IT security controls documentation.
• Grant permissions and privileges to authorized users.
• Configure anti-virus systems and consoles and conduct software upgrades.
• Manage the system from threats and identify and manage incidents to mitigate risks.
• Have an in-depth understanding of OWASP testing methodology, Dynamic and Static Application Security Testing, re-engineering, automation, ASP.NET/JAVA, IDS/IPS systems, Burp Suite, Nmap, Nessus, Qualys, and Metasploit, etc.
• Manage relationships and coordinate with clients and service providers while providing customized security assessments, implementing security policies, designing security training materials, organizing training sessions, providing technical support, and communicating security policies and procedures.

• 8 years of specific cyber security applicable experience searching and removing system vulnerabilities and deploying solutions
• Bachelor's Degree in computer science, information technology, telecommunications, computer engineering, or a related technical discipline.
• To complement education and experience, the following certifications are beneficial:
  
  • CompTIA Security+
  • Cisco Certified Entry Networking Technician (CCENT)
  • Cisco Certified Network Associate - Routing and Switching (CCNA)
  • Cisco Certified Network Associate - Security (CCNA-Security)
  • Microsoft Technology Associate (MTA) - Windows Server Administration Fundamentals
  • Certified Ethical Hacker (CEH)

• USPS Sensitive Clearance Required
• Some travel is required
• Familiarity with Microsoft Office