Computer Network Defense (CND) - Infrastructure - TS/SCI - Miami, FL

Location: Miami, FL
Posted: May 18, 2017
Closes: Jun 03, 2017
Hours: Full Time

Mission Statement: Tests, implements, deploys, maintains, reviews and administers the infrastructure hardware and software that are required to effectively manage the computer network defense (CND) service provider network resources. Monitors network to actively remediate unauthorized activities.

- Administer computer network defense (CND) test bed(s), and test and evaluate new CND applications, rules/signatures, access controls, and configurations of CND service provider managed platforms
- Coordinate with Computer Network Defense (CND) Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized computer network defense (CND) applications
- Create, edit, and manage changes to network access control lists on specialized computer network defense (CND) systems (e.g., firewalls and intrusion prevention systems)
- Identify potential conflicts with implementation of any computer network defense (CND) tools within the CND service provider area of responsibility (e.g., tool/signature testing and optimization)
- Perform system administration on specialized computer network defense (CND) applications and systems (e.g., anti-virus, audit/remediation) or Virtual Private Network [VPN] devices, to include installation, configuration, maintenance, and backup/restoration
- Assist in identifying, prioritizing, and coordinating the protection of critical computer network defense (CND) infrastructure and key resources
- Must have a good understanding of networks at the packet level and be able to analyze packet captures at the expert level.

- Basic experience administering and automating Linux systems
- Scripting experience in PowerShell/Bash
- Programming and automation experience utilizing Ruby/Python/Perl
- Network Access Control (NAC) experience: ForeScout CounterACT, Cisco ISE
- Firewall experience: Cisco ASA, Cisco IOS FW, Palo Alto
- Network TAP/SPAN aggregators: Cisco Nexus with Data Broker, Gigamon, Ixia
- Virtualization experience: VMware ESX and NSX, KVM, Xen Server
- HBSS Operations: in-depth experience with configuring and analyzing results from, but not limited to, HIPS, DLP and VSE
- ACAS Operations (Security Center, Nessus Scanner and PVS)
- Splunk operations
- Fidelis: in-depth operational work with network IDS and incident response, including but not limited to Fidelis

HBSS Experience

- HBSS Operations: in-depth experience with configuring and analyzing results from, but not limited to, HIPS, DLP and VSE
- Maintain and administer the HBSS operations for the campus-wide Enterprise computing systems
- Install HBSS agent and modules to servers and end user machines (modules: ACCM, DLP, HIPS, MOVE, PA, RSD, VSE)
- Respond to escalated support requests for technical assistance
- Validate and coordinate HBSS scheduled maintenance
- Create custom queries to meet varying informational demands
- Maintain and administer the campus-wide Enterprise computing systems to meet the DoD mandated security requirements and directives
- Create custom Firewall policies and work with Cybersecurity and incident teams to identify, configure and apply host-based IPS signatures to protect against zero-day threats
- Create firewall and IPS exclusions based on customer demand and the A&A approval process
- Work with the trouble ticket system to coordinate troubleshooting efforts with the end user and their varying issues
- Troubleshoot VM and SQL issues that conflict with the basic functionality of ePO
- Understand client's operational and sustainment methodologies and processes.
- Monitor HBSS to detect faulty operation, anomalies, and security events.
- Develop, run, analyze, and maintain reports using SQL and HBSS reporting.
- Develop sorting rules, dashboards, data monitors, and filters using HBSS.

ACAS Experience

- Provide cyber security remote scanning and remediation support, as necessary, to sites preparing for CCRIs.
- Assist the PMO with maintenance of base/site lists and Internet Protocol host counts.
- Maintain effective communications with other teams essential to ACAS operation (e.g., Base Boundary, Server Consolidated Environment, etc.).
- Support the reporting of compliance data via ACAS to the e-MASS
- Facilitate, as necessary, the transition of ACAS Security Centers new virtual infrastructure; as needed Author custom security policies.
- Perform systems analysis, design review, programming, documentation and implementation of complex system applications and related IT/ADP systems concepts.
- Participate in all phases of the software life cycle with emphasis on the planning, analysis, programming, testing and acceptance phases.
- Author and/or assist in the authoring of configuration files, signatures and other such files necessary to add new vulnerability discovery capabilities into the ACAS system tool.
- Assist vulnerability personnel in the implementation of the DISA Information Assurance and Vulnerability Management programs including vulnerability tracking and compliance reporting.
- Assist with implementation of DISA-released software patches, updates, and upgrades.
- Accommodate, as necessary, PMO-led pilot programs of Internet Protocol version 6 (IPv6) and Passive Vulnerability Scanner on ACAS.
- Experience with Microsoft SQL 2008
- Experience with Windows Server 2008 R2
- Scripting experience (Perl, JavaScript, HTML)
- Knowledge of data communications, local-area networking, wide-area networking, routers, and switches
- Thorough understanding of Internet Protocol (IP) routing, switching and the OSI model

Education: Bachelor's Degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience.

Qualifications: 5-8 years of related systems engineering experience.

Additional Qualifications

Designs and defines system architecture for new or existing computer systems.

Performs complex systems development and design work that may include logic design, I/O design, firmware development, model formulation, manufacturing and development cost projections, computer architecture analysis and design, and analog or digital systems engineering. Performs systems modeling, simulation, and analysis. Participates in the upgrading of operating systems and design of systems enhancements. Provides input for documentation on new or existing systems. Develops and conducts tests to ensure systems meet documented user requirements. Identifies, analyzes, and resolves system problems. Provides system/equipment/specialized training and technical guidance. Determines system specifications, input/output processes, and working parameters for hardware/software compatibility. May provide guidance and work leadership to less-experienced systems engineers. Maintains current knowledge of relevant technology as assigned. Participates in special projects as assigned.
Comprehensive knowledge of systems engineering principles, methods, and techniques. Knowledge of the associated hardware, software, and equipment. Professional certification in one or more specific technologies may be required, depending on job assignment.

Must be capable of obtaining and maintaining a Top Secret/SCI (or applicable clearance level) Security Clearance. Must be DOD 8570 CND-IS within 90 days of hire. Must be able to achieve Security+ CE Certification (or equivalent) within 90 days of hire for positions requiring elevated privileges and ITIL V3 Foundation within six months of hire. Additional specific certifications may be required, depending on job assignment. The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment. This position may be required to complete short-term deployments to worldwide locations (or specific AOR). The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job. Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors. With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.

GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.