The primary function will be to organize, install, and support government organization’s computer systems, including local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication systems. This will also include helping architect, design and analyze network models. It will require participation in decisions about buying future hardware or software to upgrade organization’s infrastructure. This position might be called upon to provide technical support to computer users to help solve users’ problems. This position will support activities within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.
Performance shall include:
• Able to perform self-sustaining and work with little to no oversight
• Lead IT ops team on day to day management and operations of Networks and implement capabilities vetted through Cybersecurity, ISSE and higher headquarters to maintain JSIG/RMF Authority to Operate and maintain Continuous Monitoring tools and processes
• Manage COTS & GOTS products to collect, display and remediate a variety of automated system security and system operations/performance functions and metrics.
• Assist during security assessments of servers/network devices/security appliances
• Assist during security assessments with regard to accuracy and efficiency
• Assist with Creation of operational Operations and Maintenance (O&M) checklists to maintain the service (daily, weekly, monthly, yearly O&M checklists); build Tactics, Techniques and Processes (TTPs) and Standard Operating Processes (SOPs) associated with service checklists
• Manage and operate monitoring tools/capabilities with the enterprise security information and event management (SIEM) and create/tailor complex event alarms/rules and summary reports
• Execute cybersecurity operations procedures for day to day network management, operations and maintenance
• Monitor/analyze output of cybersecurity related tools for reportable security incidents and residual risk
• Assist in analyzing technical risk, upon request, of emerging cybersecurity tools and processes
• Work as part of a security incident response team as needed
• Assist ISSM/ISSO/ISSE with the Integration/Development new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levels
• Advanced technical competency in one or more of the following supported platforms: Microsoft Windows Server, Active Directory Red Hat Enterprise Linux servers, MS Hyper- V/VMWare/ESx/Xen Hypervisors, Enterprise networking/firewalls/intrusion detection/prevention systems, forensic analysis/vulnerability assessment, Group Policy management and configuration, Scripting, BMC Footprints, WSUS, , Lumension, Bitlocker, SQL Server 2012, TomCat, IIS, Windows Server 2012r2/2016, Win 10, Red Hat 6.5, Microsoft Office
• Toolkits, SEIMs, Logrhythm, ACAS/Nessus/SCAP, mandatory/role-based access control concepts (e. g. SE Linux extensions to RHEL, PitBull, AppArmor, and Sentris) , video teleconferencing/VOIP, Oracle/MS SQL database security, and Apache/IIS Web server security
Experience:
• 5 - 7 years related experience
Education:
• Bachelor’s degree in a related area or equivalent experience (4 years)
Certifications:
• Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level III (IAT III) within 6 months of the date of hire
Security Clearance:
• Current Top Secret Clearance with SCI Eligibility
• Eligibility for access to Special Access Program Information
• Willingness to submit to a Counterintelligence polygraph
Other Requirements:
• Thorough knowledge of Microsoft Windows desktop and server operating systems, Microsoft Exchange Server, and as needed RHEL operating systems administration and associated hardware
• Experience in effective communication and collaborating in a high performance team environment.
• Group Policy design and configuration
• Working knowledge of CISCO network and switching and virtualization technologies
• Working knowledge of virtualization as it applies to users environments, operating systems, and network appliances
• Working knowledge of Local Area Network (LAN) and Wide Area Network (WAN) technologies and data backup technologies
• Working knowledge communication security (COMSEC) policies and integration
• Working knowledge of Risk Management Framework, Common Criteria, and System Security Policy as they relate to assessments and authorization
• Working knowledge and current relevant experience with PL2, PL3, and PL4 network environments/systems
• Working knowledge of WSUS and/or YUM patch deployment methodologies
• Must be familiar with DoD policy as it applies to implementing and executing system and network administration
• Working knowledge of Risk Management Framework and how to apply it to network/information system environments
• Must be able to regularly lift up to 50 lbs.