Cyber Security Analyst/Engineer

Agil3Tech

  • Arlington, VA
  • Permanent
  • Full-time
  • 2 months ago
As the Cyber Analyst/Engineer (NCR/Shared), you will act as a model of customer service excellence to all organizational staff members in our federal contract. You will provide the tool design, system configuration, and engineering guidance to a team of highly qualified professionals. You will interact daily with the customer to ensure mission productivity and resolve IT cyber issues that the end-users may have with existing desktops, laptops, software installation issues, and other critical needs. Further, you will participate in planning and implementing key IT initiatives anticipated during this effort. Although this position resides in the NCR, there may be a requirement to travel to Naval Station Guantanamo Bay (NSGB) occasionally. This is an exceptionally unique position as the planned projects will require three facets of Cyber Analyst/Engineering skills: Overall System Cyber Security, SIEM (SPLUNK) Enterprise configuration and implementation for Cyber Security, and Forescout deployment for Network Access Control (NAC).
Job Duties:
  • Perform/assist existing ISSO tasks and duties.
  • Function as SME ensuring all IT meets DoD Instruction 8500.01 cybersecurity requirements.
  • Provide information systems cyber security engineering, ensuring the availability of critical systems and networks.
  • Develop, implement, and enforce information systems security policies and requirements.
  • Knowledge and adherence to Risk Management Framework (RMF), National Institute of Standards and Technology (NIST), Supply Chain Risk Management (SCRM), and DoD/JSP/OMC processes and policies.
  • Identify information systems deficiencies and provide recommendations of risk mitigation to IT/AV leadership.
  • Perform Cyber Incident Management, information systems Certification and Accreditation, and development of Cyber Security SOPs for approved identified cyber security policies.
  • Work with internal team members (contractor and government) to identify, locate, and resolve information systems cyber threats and vulnerabilities.
  • Report and investigate information systems security breaches.
  • Coordination with internal team members and external entities such as DISA, JSP, WHS, and Intel communities.
  • Ensure security engineering principles are applied to information systems project architectures during the design, implementation, and O&M phases.
  • Develop designated security technical documents/publications such as plans, procedures, and reports.
  • Manage and maintain endpoint security solutions, such as ACAS, McAfee ENS, Microsoft Endpoint Management, etc.
  • Provide ongoing maintenance and support for endpoint security solutions, including software upgrades and patches.
  • Configure and implement security controls to prevent unauthorized access, disclosure, alteration, or destruction of sensitive information using HBSS and ACAS.
  • Utilize a vulnerability management solution such as ACAS to identify, track, and prioritize vulnerabilities on endpoints and other systems.
  • Monitor network, systems, and endpoints for security vulnerabilities; proactively work with system administrators to communicate and resolve vulnerabilities.
  • Identify, respond, investigate, and remediate incidents, providing proactive updates to Program Management.
  • Work with other teams to ensure endpoint security aligns with overall IT and information security policies and standards.
  • Stay current with endpoint security threats, trends, and technologies and recommend solutions to improve the organization's security posture.
  • Ensure that all information systems meet Department of Defense Instruction 8500.01 mandated Cybersecurity requirements.
  • Provide Information System Security Officer (ISSO) support for systems.
  • Facilitate information system authorization to operate (ATO) compliance and re-accreditations IAW DOD 8510.01 and ICD503.
  • Facilitate registration and maintenance of information systems in the Enterprise Mission Assurance Support Service (eMASS) system. This support includes all efforts associated with the Risk Management Framework (RMF) activities.
  • Implement and maintain anti-virus and malicious code protection for all information systems using government-provided software.
  • Provide and/or facilitate the distribution and installation of security patches.
  • Provide security vulnerability scanning and reporting using government-provided applications.
  • Support scheduled Command Cyber Readiness Inspections (CCRI), and security assessment visits (SAV).
  • Provide onsite incident management during normal working hours for NIPRNET, SIPRNET, JWICS, Special Access Systems, and equipment. In addition, the contractor may be required to provide surge support after normal working hours, including weekends and holidays, as approved by the COR.
  • Analyze existing security infrastructure.
  • Work with ISSO and ISSM to identify non-compliance controls in the environment. Document and provide recommendations for remediation.
  • Identify any gaps in security infrastructure. Ensure gaps are documented in the risk registry.
  • Provide design recommendations to the environment to improve security posture.
  • Work with team to implement new security technologies.
  • Participate in all table tops to ensure accurate and effective policies, processes, and procedures. Provide recommendations when gaps are identified.
  • Work with ISSO and ISSM during change management
  • Document Security Infrastructure
  • Lead Security team to ensure systems are configured correctly and running as expected and identify improvements. When issues with the security infrastructure are identified, immediately report to the ISSO and ISSM
  • Stay up to date on latest security threats in the wild
  • Stay up to date with the latest Cyber Security Technologies
  • Participate in all change management to ensure all security aspects are taken into consideration regarding the changes
Network Access Control (NAC) Security Engineering
  • Design, Build, Configuration, Deployment of ForeScout
  • Work with Network Engineer to ensure NAC is connected to the appropriate VLANs
  • Work with Security Engineer to ensure that Dead, Isolation, and Quarantine VLANs have the correct ACLs.
  • Manage Windows, Linux, and SNMP accounts required to correctly profile devices and configure switches and firewalls.
  • Configure Device profiling policies.
  • Identify all network assets through discovery on VLANs provided by Senior Systems Administrators and Security Engineers.
  • Configure integration with switches, firewalls, and SIEM.
  • Configure Network access policies based on asset classifications, VLANs, and location.
  • Configure Compliance policies to enforce patching, OS version, installed software, and Anti-Virus signatures.
  • Assist with troubleshooting network issues.
  • Troubleshoot issues with profiling, classification, and compliance policies
  • Work with ISSO and ISSM when Rogue Devices are discovered.
  • Work with ISSO and AO when Changes are required.
  • Install patches and firmware updates when available utilizing Change Management.
  • Manage licensing for the ForeScout product.
  • Create SOPs, Administrative Guides, and architecture guides.
  • Monitor ForeScout system health.
Cyber Security Engineering (SIEM)
  • Design, Build, Configuration, Deployment of SPLUNK (Enterprise Level)
  • Ensure all network devices, workstations, and server logs are correctly ingested.
  • Troubleshoot issues related to log collection.
  • Management of Windows, Linux, and SNMP accounts for log collection
  • Work with System Administrators and ISSOs to ensure CMDB aligns with assets being collected by the SIEM.
  • Configure dashboards for ISSO, ISSM, System Administrators, and Senior System Administrators with information related to their job duties.
  • Configure all alerts related to NIST and STIG requirements.
  • Daily analysis of SIEM events and alerts. Escalation to ISSO, ISSM, or security, whichever is relevant to the event.
  • Manage the hardware performance of the system. Work with Senior Systems Administrators if additional resources are required.
  • Manage and monitor EPS and Asset count to ensure the application operates within licensing parameters.
  • Perform backups, restoration, updates, and upgrades to the system.
  • Work with ISSO for requested audit information.
  • Create Continuity of Operations and Disaster Recovery (DR) for the system
  • Work with ISSO when performing Change Management. Provide all required documentation to ISSO/ISSM for AO approval. Work with AO to answer any questions or provide requested information.
  • Create Administrative documentation and SOPs for the system related to operations and configurations. Update documentation during Change Management, upgrades, and updates when applicable
  • Monitor SPLUNK infrastructure health.
Requirements:
  • Shall possess an active TOP SECRET w/ SCI Eligible security clearance.
  • Strong customer service orientation.
  • Proven analytical and problem-solving abilities.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Good written, oral, and interpersonal communication skills.
  • Ability to conduct research into PC and software issues and products as required.
  • Ability to present ideas in business-friendly and user-friendly language.
  • Highly self-motivated and directed.
  • Keen attention to detail.
  • Team-oriented and skilled in working within a collaborative environment.
Education and Experience:
  • Bachelor’s in Engineering, Computer Science, or other related fields.
  • 5+ years of professional CYBER experience with DOD or IC
  • Prior ISSO or related experience for the DoD is required.
  • Prior endpoint security solution administration or engineering experience for the DoD required
  • Required Certifications:
  • DoD8570.01M IAT Level II (one of the following):
  • CCNA Security,
  • CySA+,
  • GICSP,
  • GSEC,
  • SSCP,
  • CND, or
  • Security + CE
  • Prior related (CYBER) experience with the IC (DIA Preferred)
  • VCP (VMware Certified Professional – Data Center Virtualization or End User Computing) preferred
Company Overview
Agil3 Technology Solutions LLC ("A3T") is a Northern Virginia based, ISO 9001:2018, ISO 20000 & ISO 27001 Certified, 8a, Women-Owned (WOSB) and Service-disabled Veteran-Owned (SDVOSB) small business. A recent recipient of the prestigious Washington Technology TOP 50 (ranking #9, and on the list for the last 4 years!), A3T is experiencing industry-leading recognition and growth. In addition to the CEO’s recognition as an “All-Star Entrepreneur”, A3T is recognized by Inc Magazine as one of the fastest growing companies in the country, by Vet 50 as Fastest Growing Veteran-Owned Businesses, and is featured in CyberSecurity Ventures / Cybercrime Magazine! “As a go-to Women-Owned Cybersecurity company in US and internationally”. As part of our growth, we are looking for YOU to join our growing team.
A3T offers excellent benefits to enhance the work-life balance, including:
  • Medical Insurance
  • Dental Insurance
  • Vision Insurance
  • Life Insurance
  • Short Term & Long-Term Disability
  • 401k Retirement Savings Plan with Company Match
  • Paid Holidays
  • Paid Time Off (PTO)
  • Tuition and Professional Development Assistance
  • Parking/Travel Reimbursement (metropolitan areas)
It is the policy of A3T to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations.