Job Details

Mid-Level Cyber Security Engineer

XLA Associates
College Park, Maryland, United States
Position Description:

XLA is seeking a Cyber Security Subject Matter Expert (SME) with a broad knowledge of the domain including network security, system security, vulnerability scanning, web-based application scanning, risk assessments, security engineering, etc. Experience configuring, managing, and running Security Operation Center (SOC) type tools (e.g., Tenable.SC (Security Center), FireEye Threat Management System, Snort, etc.) SME will support a Federal Civilian Agency with vulnerability management and incident response work. The position involves working in a small focused team that follows the Federal Continuous Monitoring strategy for prioritization of resources and providing support that provides the greatest impact with limited resources. Team members have a large set of cross-functional abilities to support all aspects of Cyber Security.

  • Conduct vulnerability scans and assessments against agency information systems, web applications, and web services.
  • Conduct assigned activities within the security incident response and handling lifecycle. These activities could include: detection, triage, analysis, containment, recovery, and reporting.
  • Assist with maturing vulnerability management and incident response processes and activities.
  • Coordinate with system owners and IT operations to remediate and resolve issues discovered during security scans, system assessments, system audits, and cyber security investigations.
  • Conduct security assessments for agencys cloud platform types (i.e., IaaS, SaaS, PaaS)
  • Provide security engineering reviews and recommendations to agency System Owners and Information System Security Officers (ISSO)
  • Develop and implement technical solutions to help mitigate security vulnerabilities
  • Analyze network and host-based security logs to identify potential security threats
  • Develop/review documentation for Security Operations procedures


  • 7 years of cyber security engineering experience
  • 5+ years of experience in either a system or network administrator role
  • Industry Security Certifications such as CISSP, CASP, GCIA, GCIH, OSCP, etc.
  • Experience with different aspects of security engineering including knowledge of network security, operating system security, database security, and web application technologies
  • Knowledge of security principles with cloud-based services such as AWS and Azure
  • Extensive knowledge of the Linux and Windows operating systems
  • Strong understanding of TCP/IP protocol and familiarity with NMAP and/or other network mapping tools
  • Strong troubleshooting skills
  • Ability to communicate technical information to non-technical users
  • Experience with some of the following types of technologies: SIEM (SecurityCenter, Splunk, etc.); Firewalls, both network and host based; Application or web content filtering; IDS/IPS
  • Experience with some of the following technologies: AWS, VMWare products, Tenable suite of tools, SiLK, NetFlow, Snort, FireEye, etc.
  • Familiarity with: NIST 800-53 Security and Privacy Controls, CISA High Value Asset (HVA) Control Overlays, NIST Risk Management Framework (RMF), NIST 800-61 Computer Security and Incident Handling

Preferred Additional Skills, Knowledge and Experience:

  • Masters degree with an IT or Computer Science focus
  • Security Architecture review experience
  • Scripting and automation (Python, Unix, PowerShell, Ruby, etc.)
  • Penetration testing experience


  • Strong verbal and written communication skills
  • Ability to work in a cross-functional team environment
  • Flexible, Dependable and Self-motivated
  • Willingness to learn new skills from peers

Clearance Requirement:

Top Secret (TS) w/Ability to obtain SCI


Send application

Mail this job to me so I can apply later

Apply With CV

You are not logged in. If you have an account, log in to your account. If you do not have an account, why not sign up? It only takes a minute!

latest videos

Upcoming Events