SUPPORT HOTLINE    855.666.6709   

PHALANX 

SECURE SOLUTIONS

Passionate?  Smart?  Let's CHAT!

CAREERS

We are currently looking for a Security Engineer and Disaster Recovery Deputy for a 5 year project in Prince Georges County. Please send your resume to careers@phalanxsecure.com


Security Engineer


Location: PG County

The Engineer (Testing and Analysis) will work with the Security development staff to incorporate tools and best practices that assure that testing requirements are addressed to promote a robust security posture for applications & systems in both a private data center and public cloud offering. This individual will follow documented technical approaches to test applications and systems to assess threats and residual risks, along with specifying the implementations

Responsibilities:

•             Focus on operational procedures in both Cloud and data center environments

•             Work to ensure security operations controls are implemented by developers into newly created apps and services

•             Assist in testing for security vulnerability and weaknesses in newly created applications

•             Assist in managing and tracking POA&Ms as applications and systems transition into Operations

•             Work within a Sprint to ensure features include security features and meet directives

•             Work within a Sprint to guide the teams on how to best include security features

•             Act as a bridge between operations and security personnel, by being able to understand and interface in both areas

•             Real interest in hacking on web applications, either by breaking them down, or helping to build them up

•             Threat modeling and attack vector analysis

•             Integration of static and/or dynamic code analysis tools into SDLC

•             Crafting proof of concepts for exploitation

Required Skills:

•             Solid understanding of common web application technologies and languages

•             Expressible ability to differentiate between a significant issue, a minor weakness, and a false positive

Desired Skills:

•             Bachelors degree in Computer Science or Engineering or equivalent evidence of aptitude

•             History of contributing to open source projects

•             Previous participation in vulnerability competitions, bug-bashes, or pen tests

•             Tools/Technology Experience: Familiar with Agile/SAFe methodologies. Familiar with NMAP, Nessus, Burp, ZAP, Nexpose, BackTrack, Kali Linux, and/or Metasploit.  Knowledge of vulnerability management and pen testing tools. Experience developing with Java, Python, HTML, or Javascript. Familiar with IT Security (CISP, CEH, Security+, etc.) and Cloud (AWS, AWS GovCloud, Azure, etc.)

•             Organizational Skills: Can plan and prioritize work, both their own and that of project team. Follows tasks to their logical conclusion and makes sure that everything has been done to the right standard. Good attention to detail.

•             Team Work: Able to enthuse and maintain team interest. Comfortable working both individually and as part of a team. Prepared to challenge ideas within a group in a constructive way. Ability to influence others and move a team toward a common vision or goal.

•             Leadership: Acute business acumen and understanding of organizational issues and challenges. Able to work effectively at all levels in an organization.

•             Communications: Ability to communicate clearly and efficiently to team members and clients, verbally and in writing. Able to present ideas in a variety of ways depending upon audience and context. Excellent active listening skills.

•             Quantitative Management: Ability to determine process measures and track to determine process effectiveness and efficiency.

•             Problem Solving: Natural inclination for planning strategy and tactics. Ability to analyze problems and determine root cause, generating alternatives, evaluating and selecting alternatives and implementing solutions.

•             Results oriented: Able to drive things forward regardless of personal interest in the task.



Disaster Recovery Deputy


The Disaster Recovery Deputy is responsible for making all decisions related to the Disaster Recovery efforts and reporting decisions and efforts to the Senior Management team and the Government Disaster Recovery Lead. This person’s primary role will be to develop all plans and procedures and guide the disaster recovery process and all other individuals involved in the disaster recovery process will report to this person in the event that a disaster occurs, regardless of their department and existing managers. All efforts will be made to ensure that this person be separate from the rest of the disaster management teams to keep his/her decisions unbiased; the Disaster Recovery Lead will not be a member of other Disaster Recovery groups within the Technical Integrator contract.

Responsibilities:

•             Determine critical equipment and resources.

•             Work with leadership to determine and designate an alternate site for operations

•             Develop and implement the Disaster Recovery Plan that links to the Risk Management Plan and includes all areas beginning with incident detection through resuming normal operations

•             Develop a Disaster Recovery Timeline Plan

•             Conduct a Business Impact Analysis and Develop the Business Continuity Plan for both cloud and traditional infrastructures

•             Develop Checklists and Emergency Communications Plans

•             Develop Emergency Contact lists

•             Develop Emergency Transportation Plans

•             Educate the staff on the Disaster Recovery Plan and Procedures.

•             Designate staff members as Disaster Recovery Personnel (i.e., Senior Management team, Communications team, Facilities team, Network team, Server Team, Applications team, etc.).

•             Develop roles for disaster recovery personnel

•             Conduct tests of the Disaster Recovery and Business Continuity Plans.

•             Execute the DRP when the Government Disaster Recovery Lead has declared a disaster

•             Determine magnitudes and classes of a disaster

•             Determine what systems and processes have been affected by a disaster

•             Communicate the disaster to the other disaster recovery teams

•             Determine what first steps need to be taken by the disaster recovery teams

•             Keep the disaster recovery teams on track with pre-determined expectations and goals

•             Keep a record of money spent during the disaster recovery process

•             Ensure that all decisions made abide by the DRP and policies set

•             Get the secondary site ready to restore business operations

•             Ensure that the secondary site is fully functional and secure

•             Create a detailed reports of all the steps undertaken in the disaster recovery process

•             Notify the relevant parties once the disaster is over and normal business functionality has been restored

•             Summarize any and all costs and will provide a report to the Senior Management team and Government Disaster Recovery Lead summarizing their activities during the disaster

Required Skills:

•             12 years of in-depth technical experience with Disaster Recovery for a Major Facility or Government Agency. 

•             Experience with Risk Management

•             Experience with the FEMA National Disaster Recovery Framework

•             Proven past performance in Business Continuity Impact Analysis and Planning

•             Strong staff management skills

Preferred Skills and Qualifications (One or More of the Following:

•             EC-Council Disaster Recovery Professional (EDRP)

•             Disaster Recovery Certified Specialist (DRCS)

•             Disaster Recovery Certified Expert (DRCE)

•             Disaster Recovery Certified Planner (DRCP)

•             Business Continuity Professional Certification (CBCP)

•             Other ANAB recognized Disaster Recovery Certification