Systems Engineer - Cyber Security

Established in 1946, with headquarters in Washington, D.C., American Institutes for Research (AIR) is an independent, nonpartisan, not-for-profit organization that conducts behavioral and social science research and delivers technical assistance both domestically and internationally. As one of the largest behavioral and social science research organizations in the world, AIR is committed to empowering communities and institutions with innovative solutions to the most critical challenges in education, health, workforce, and international development.

AIR is currently looking for a Systems Engineer - Cyber Security specializing in server/network security to work out of our Washington, DC (Georgetown) headquarters.

Systems Engineer – Cyber Security specializing in server/network security.

 Application Whitelisting Software tools
 Log aggregation tools
 IPS/IDS signatures and scripting
 Firewalls and Security Gateways
 Enterprise infrastructure vulnerability scanners
 Execute all phases of vulnerability management that include: oversight of infrastructure vulnerability scanning operations, vulnerability analysis, and working with other Operations Team members to remediate system vulnerabilities.
 Participate in the research, design, test and recommend security controls for server, network and storage infrastructure in cloud or on-premises.
 Work with the IT Service Operations Team and Corporate Information Security office to respond to alerts and security incidents, perform actions to identify, contain, and eradicate threats in a timely manner.
 Monitor metrics associated with security controls to ensure security controls are configured as designed and tuned for peak effectiveness in cloud and premise systems. Evaluate, recommend and adjust work processes as necessary to correct adverse trends.
 Perform compliance scanning/testing to ensure systems conform to established system baselines and security configurations. Measure, identify, and remediate systems that do not meet minimum security standards.
 Work with Service Operations teams to troubleshoot and resolve operational issues that impact the confidentiality, integrity or availability of IT systems.
 Manages, documents and executes on security configuration, patching, application white listing, hardening, scanning, monitoring, and metrics for all security appliances and infrastructure systems.

 Minimum of 5 years server security experience in mid-sized to large IT organizations.
 Education Level: Bachelor’s degree in Cyber Security or related field; Master’s preferred
 Must have in-depth, hands-on experience with security features and system administration of Linux and Windows OS, virtual systems, routers, firewalls, IPSs, application white listing, logging and monitoring tools, antivirus, and related infrastructure devices.
 Must have an understanding of security vulnerabilities in common operating systems, web and applications servers, including knowledge of remediation procedures.
 Experience or understanding of multiple risk can controls frameworks to include those used by the Federal Government (CIS Critical Security Controls, NIST, DISA STIG, FedRAMP, FISMA, etc.)
 Experience analyzing new requirements and making security recommendations based on business objectives.
 Experience working with leading commercial Next-Generation Firewalls (NGFW).
 Excellent written and verbal communication skills and ability to work collaboratively across all business units.
 Experience working with industry standard commercial vulnerability scanner is preferred.
 Any network and security certificate are preferred.


*LI-SS1