• INFOSEC Engineer

    Job Locations US-VA-Sterling
    Job ID
    # of Openings
    Cyber Security
    Clearance Level
    Top Secret
  • Company Description

    Spry is a certified Small Disadvantaged Business (SDB) headquartered in McLean, VA. Spry provides Enterprise, C4IT, Management, and Cyber Solutions to the federal government and commercial entities. Founded in 2001, Spry Methods was built on the foundation of combining industry knowledge with unmatched responsiveness to produce results for our customers. Our goal is to build a business dedicated to the maximization of value for all stakeholders starting with our employees, our customers, and our community. We recognize that talented and dedicated employees are our most valued assets and the foundation of our success. Guided by these principles, we have established an impressive track record of proven past performance serving our customers within the Commercial, Federal Civilian, DoD, and Intelligence Communities. A CMMI Level 3 certified and ISO 9001:2008 registered company, Spry is committed to quality and continuous improvement.

    Job Responsibilities and/or Success Factors

    • Engineers, architects, implements, deploy, maintain, and administer commercial and open source products
    • Conducts research, evaluates, and makes recommendations on emerging technology
    • Reviews, and interprets Federal guidelines and policies, and industry standard best practices
    • Provides subject matter expertise, support, leadership, and training
    • Provides support on all information security activities at the program level including policy development, compliance inspections, audits, reviews and communications security
    • Provides support and works on the development phases of information security systems development lifecycle
    • Oversees, evaluates, and supports the documentation, validation, and accreditation processes necessary to assure that new IT systems meet the organization’s IA requirements; and ensures compliance from internal and external perspectives.
    • Conducts assessments of threats and vulnerabilities, determines deviations from acceptable configurations, enterprise or local policy, assesses the level of risk, and develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations
    • Documents incident correlation requirements, selects incident correlation engines and recommends configuration guidelines
    • Performs analysis to determine the optimum configuration of network and host sensors
    • Analysis includes traffic load analysis, performance impacts of monitoring, determination of potential attack characteristics based on mission and infrastructure, and determination of site-specific data collection requirements
    • Analyzes and recommends resolutions of information security problems based on knowledge of the major information security products and services, an understanding of their limitations, and a working knowledge of the disciplines of information security
    • Conducts research and develops security policies relevant to client environment and analyzes outside security information for relevance to DEA
    • Installs, and upgrade computer hardware and operating systems (Windows, and UNIX) in an enterprise environment

    Required skills and experience include

    • Active Top Secret clearance with SCI eligibility
    • Bachelor’s degree from an accredited college or university in computer science, information systems, computer engineering, electrical/electronic engineer or related field.
    • 6+ years of experience in information system security, cyber security, computer forensics, insider threat, or certification & accreditation
    • Extensive work experience and knowledge in: network monitoring, and intrusion detection using host-based and network-based intrusion detection systems (IDS) and log management applications; testing, installing, patching, and upgrading computer hardware and operating systems (Windows and UNIX) in an enterprise environment; identifying, collecting, processing, documenting, reporting, cyber security/ incident response events; architecting, engineering, developing and implementing cyber security/incident response policies and procedures; engineering, testing, installing, patching, and upgrading various information security hardware and software applications, to include but not limited to, SourceFire, Arcsight, Splunk, NetWitness, Guidance Software, Digital Guardian, Raytheon (SureView), NMAP, Metasploit, Request Tracker, Nagios ,Intelliview, Nessus, and Foundstone; information system security, cyber security, computer forensics, vulnerability assessment and penetration testing, malware analysis, insider threat, information certification & accreditation regulations, Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST), and American Society of Crime Laboratory Directors (ASCLD)
    • 2+ years of experience in architecting, engineering, integrating, developing and/or deploying information technology products (hardware and software) in an enterprise environment
    • Must be able to successfully complete a DEA background investigation in conjunction with being an active Top Secret clearance holder

    Preferred skills


    EEO Statement

    At Spry, we believe talented and dedicated employees are our most valued assets and the foundation of our success. We are committed to crafting a diverse and inclusive workplace that endorses engagement, creativity, quality and innovation.
    We are proud to be an Affirmative Action and Equal Opportunity Employer and as such, we evaluate qualified candidates in full consideration without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, national origin, age, disability status, protected veteran status, and any other protected status.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed