Job Title: Sr. Cyber Security Operations Analyst
Location: Scott AFB
Clearance: DoD Secret
Our great client was founded and incorporated by a 20-year Navy Veteran. In 2011, their participation in the Veterans Administration’s Veteran-Owned Small Business (VOSB) Verification Program allowed them to become one of the first Information Technology (IT) Small Businesses to be officially verified by the Center of Veterans Enterprise (CVE) as a Service Disabled Veteran Owned Small Business (SDVOSB). Headquartered in Ridgecrest, California, they provided products and services to the Department of Defense, Department of Homeland Security and private industry.
USTRANSCOM is tasked with the coordination of people and transportation assets to allow the US to project and sustain forces, whenever, wherever, and for as long as they are needed.
Duties and Responsibilities:
- Execute intrusion detection monitoring and incident response and management processes and procedures IAW DoD policy and USTRANSCOM direction.
- Provide intrusion detection monitoring and incident management, to include installation, configuration, operation, and system administration of the GFE intrusion detection monitoring and incident management tool suite on-site 24x7 at Scott AFB.
- Provide on-site support at locations other than Scott AFB on an as-needed basis and as directed by the government.
- Use intrusion detection monitoring and incident management tool suite consisting of network and host-based sensors, log consolidation mechanisms, analysis platforms and other products that may be directed or procured.
- Identify unauthorized activity against USTRANSCOM information systems and networks on NIPRNet and SIPRNet and initiate appropriate incident response actions.
- Perform installation of intrusion detection monitoring and incident management tools IAW USTRANSCOM processes, including requesting/coordinating hardware/software procurement (including lifecycle upgrades); performing project management, e.g. government provided requirements management tool and schedules; building and configuring systems to be Security Technical Implementation Guide (STIG) compliant; performing functional testing; developing system authorization/accreditation supporting documentation, requesting security evaluations and remediation of findings; and performing operational deployment.
- Perform the day-to-day mission execution of the intrusion detection monitoring and incident management and response activity.
- Perform the day-to-day operation and maintenance of the intrusion detection monitoring and incident management tool suite.
- Document changes to intrusion detection monitoring and incident management tools (e.g., software installs, patching, software configuration changes, etc.) in accordance with Change Management policies and provide configuration management data on all of its managed systems according to the schedule and format directed by the Government.
- Collect and provide the Government with monthly metrics on intrusion detection monitoring and incident management activity.
- Maintain current documentation on intrusion detection monitoring and incident management processes and procedures and provide the following deliverable documents to the government IAW the assigned suspense dates.
Education and Work Experience Requirements:
- Bachelor’s degree from an accredited college or university with major course work in Computer Science, Management Information Systems, or a closely related field.
- Eight (8) years of experience with a Bachelor’s degree or a total of 12 years of related experience in Information Technology (IT) and / or Cybersecurity.
- Experience in security or network technology (Unix/Windows OS, Cisco/Juniper Routing-Switching) within a hands-on design/implementation/administration role is required.
- In-depth knowledge of TCP/IP protocol implementations for all common network services in addition to demonstrated capability to perform network packet analysis and anomaly detection.
- Must meet DoD 8570.1M Cyber Security Work Force (CSWF) IAT Level III certification requirements; Computer Network Defense Service Provider (CNDSP) certification required.
- Professionally certified and demonstrated experience with Computer Network Defense (CND) discipline.
- In-depth knowledge of Splunk is desired.
- Desired skills include experience with cloud-based hosting environments.
- **Security Clearance: Candidate must have an interim Secret DoD Security Clearance or higher.**