Cyber Security Engineer

Program Overview

About The Role

System Management Branch. Part of DoDIN-A operations focus on multiple dispersed, independent/intra-dependent systems performing multiple functions (Operating System (OS), Hardware (HW), database, software applications, etc.) that are interoperable with other elements or systems to perform a function as part of a larger, more complex system. The GCC operates, monitors, sustains, and secures Enterprise directed systems throughout the GCC AOR and internal services.
• Sensor Operation and Management. The GCC uses network and host monitoring systems (IPS/IDS, SIEM, and other sensor systems) to monitor, detect, identify, verify, and report security events. Support the Government by installing, maintaining, deploying, managing, and hardening multiple types of Enterprise level sensor systems. Manage all NIPRNet and SIPRNet sensors within the CONUS Theater comprised of devices IAW TE 2 Services and Assets, with a growth of approximately 20% throughout the life of the task order. Perform advanced systems administration for the Enterprise sensor mission relative to platform architecture, configuration, lifecycle support, and technology refresh and infusion. Perform daily backups, implement system upgrades, and ensure system configurations/accounts/passwords conform to baseline standards.
• Operate, monitor, sustain, and secure the SIEM using the full capabilities of the application (e.g., logging all security events and performing event analysis). Historically, the SIEM aggregates 50 million security events per day from multiple sources including IPS, IDS, Firewalls, Proxies, Routers, HBSS, and server system logs. As technology evolves, other sources may be added (i.e. Active Directory domain controllers, DNS servers, etc.).
• Develop and document disaster recovery procedures for GCC managed sensors, including IPS/IDS, system baseline tools (e.g., ESM), host-based systems and agents, server managers, applications, and remote management systems. Disaster recovery procedures shall be stored in the current Government-approved data repository.
• Establish and maintain written procedures to set up, track, and document status and location of hardware and software for each baseline of sensors. Procedures shall be stored in the current Government-approved data repository.
• Coordinate with installation NECs or customer points of contact on sensor installation and troubleshooting. The Contractor shall maintain points of contact rosters for NECs or NEC-like entities that provide on-site technical support and update rosters as new information is received.

Qualifications

Basic Qualifications:

• 9 years w/o BS/BA; 5 years with BS/BA; 3 years with MS/MA; 0 years with PhD
• A-531-1900, DISA (521) Training, Cyber Defense Infrastructure Support Specialist (Intermediate) Playlist OR GMON, GRID, CEH, Cloud+, CySA+, GSEC, PenTest+, Security+, SSCP
• Active TS/SCI Clearance
• Ability to conduct vulnerability assessments and monitor networks to support test and operational environment requirements.
• Solid understanding of data transport, encryption, networking, IT systems, and cybersecurity fundamentals.
• Ability to work shift hours

SCA / Union / Intern Rate or Range

Details

Target Salary Range: $86,000 - $138,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual’s experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

EEO: Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.