Cyber Security Engineer III

Location: VA Winchester - Operations
Full/Part Time: Full-Time
Regular/Temporary: Regular

Job Description


You have goals, dreams, hobbies and things you’re passionate about.

What’s Important to You Is Important to Us
We’re looking for people who not only want to do meaningful, challenging work, keep their skills sharp and move ahead, but who also take time for the things that matter to them—friends, family and passions. And we're looking for team members who are passionate about our mission—making a difference in military members' and their families' lives. Together, we can make it happen.

Don’t take our word for it.

  • FORTUNE 100 Best Companies to Work For®
  • Computerworld® Best Places to Work in IT
  • FORTUNE® Best Workplaces for Millennials
  • Forbes® America’s Best Employers


Basic Purpose

To serve as a technical interface and subject matter expert to customers for the Navy Federal cyber defense product suite. Collaborate with senior engineers, internal teams, and vendors to support all phases of product integration, operations, and maintenance to ensure a secure Navy Federal environment. Troubleshoot technical issues identified through system monitoring and/or escalated from the Cybersecurity Operations Center (CSOC). Provide technical and engineering support for projects. Develop and maintain working knowledge of evolving information security engineering industry technologies/competition, concepts and trends. Work independently.


•    Collaborate with internal security teams and vendors to update security controls
•    Provide broad based experience in the systems engineering lifecycle and apply the experience to specific cyber security initiatives relating to security tool deployment and management
•    Provide intermediate information security engineering support for multiple detection and response tools
•    Evaluate tool configurations and policies as needed and make recommendations to senior engineers
•    Collaborate with vulnerability management teams to ensure the integrity of CSE tools
•    Collaborate with senior engineers to implement monitoring and performance metrics to ensure efficiency and effectiveness of services.
•    Support intermediate engineering activities to mitigate reported security risks
•    Perform routine and novel configuration and tool changes in adherence with the enterprise Change Management Policy and Incident Response Procedures
•    Maintain an active understanding of industry practices for threat analytics and incident response
•    Develop and follow internal processes and detailed procedures to support the engineering function
•    Participate in ad hoc tasks and medium-sized projects
•    Perform regular and ad hoc diagnostic/health checks on systems 
•    Develop and maintain internal engineering documentation (e.g., policies, procedures, project schedules/timelines, etc.)
•    Identify new tools and/or required upgrades and perform Proofs of Concept (POC)
•    Assist in the deployment of new security capabilities
•    Perform ad hoc and regular health checks on systems
•    Assist management and senior engineers to support daily/ad hoc tasks
•    Provide technical guidance and oversight to less experienced staff
•    Perform other duties as assigned


•    Splunk Enterprise Security Certified Admin
•    Use Splunk expertise building correlation searches from scratch to detect cybersecurity threats
•    Modify logic of existing detections to reduce false-positive rates, and align them more consistently with their intent
•    Engage with other teams to ensure detections are working as intended
•    Identify and prioritize new data sources and their applicability to the detection of advanced adversaries
•    Lead efforts to ensure data sources are compliant with Splunk's Common Information Model (CIM)
•    Ensure that security-relevant data is flowing to appropriate Splunk Data Models
•    Advanced scripting skill with Bash, Batch and at least one more or a moderate understanding of a programming language (C, C++, Java, etc.).
•    Skill in supporting network infrastructure.
•    Skill in performing routine hardware maintenance. 
•    Skill in performing virtual machine deployment and maintenance.
•    Skill in implementing load balancing and clustering principles.
•    Skill in measuring and monitoring for indicators of system performance and availability.
•    Skill in performing specialized system and component upgrades (e.g., RAID cards, server blades, etc.).
•    Advanced skill in troubleshooting failed system components (e.g., servers, services).
•    Skill in advanced operating system administration (e.g., account maintenance, data backups, maintaining system performance, installing and configuring new hardware/software).
•    Skill in troubleshooting multi-tiered systems.
•    Skill in patch management strategies.
•    Skill in key infrastructure functions and protocols (e.g., AD, DNS, Group Policy, system permissions, directory services).
•    Intermediate scripting skill with Bash, Batch and at least one more.
•    Advanced knowledge of remote access technology concepts (Virtual Private Network (VPN), encrypted tunneling, etc.)
•    Skill in implementing different types of HA and DR configurations.
•    Skill in operating system administration for the purpose of hardening (e.g., secure baselines, GPO management, etc.).
•    Skill in the implementation of Personally Identifiable Information (PII) data security strategies. 
•    Awareness of controls for data classifications (e.g., PCI-DSS) and to remediate audit findings. 
•    Advanced skill in the management of various security centric technologies such as Web Filtering/Proxy, Intrusion Detection, Antivirus, Endpoint Detection & Response, Firewall, Forensics, etc.
•    Skill in troubleshooting security tool failures and understanding how failures impact monitoring and business operations.
•    Knowledge of the MITRE ATT&CK framework and how it can be leveraged to improve security.
•    Skill in vulnerability management and vulnerability assessment.
•    Desired: Experience with multiple cyber security detection/technologies/tools
•    Desired: Bachelor’s degree in Information Technology, or the equivalent combination of education, training or experience
•    Desired: Knowledge of Navy Federal operations, products, policies and procedures 
•    Desired: CISSP, CISA, GIAC, CCNA or other related Information Security certifications

Hours: Monday – Friday, 9:00 am to 5:00 pm CST with occasional on-call and flexibility hours due to business need*

Location: 820 Follin Ln. Vienna, VA  22180 | 5550 Heritage Oaks Drive, Pensacola, FL 32526 | 141 Security Dr. Winchester, VA 22602 | Remote

Colorado residents pay scale: $83,600 to $120,700


Equal Employment Opportunity

Navy Federal values, celebrates, and enacts diversity in the workplace.  Navy Federal takes affirmative action to employ and advance in employment qualified individuals with disabilities, disabled veterans, Armed Forces service medal veterans, recently separated veterans, and other protected veterans.  EOE/AA/M/F/Veteran/Disability


Navy Federal reserves the right to fill this role at a higher/lower grade level based on business need.
An assessment may be required to compete for this position.

Bank Secrecy Act

Remains cognizant of and adheres to Navy Federal policies and procedures, and regulations pertaining to the Bank Secrecy Act.