Tanium SME with Security Clearance

Washington, DC
Feb 22, 2021
Feb 24, 2021
IT, Security Engineer
Full Time
Our client is looking for an experienced, ambitious, Application Security SME with proven past or current experience supporting customer's mission critical initiatives.EndPoint Management Engineer (Tanium): The endpoint management level of effort provides deployment and management of the application in a full operational mode, operating as a subset of OCIO-purchased security tools on behalf of the entire department to standardize and centralize the governance of USDAsecurity and allow for a unified and real-time view of the department. The application is called upon to provide inventory and reporting at the department level as well as agency level patching. It also serves as a tool to mitigate security issues across the various enclaves. Operations of this enterprise class solution includes responsibility to provide applicationadministration of the service delivered, as well as providing customer service interfaces for all agency organizations within the USDA; creation of user application accounts within the application; and implementation of a process to create relevant scripts and custom reports. Tasks:The contractor shall provide the following services and management for the operation of the endpoint management environment: Develop, test, and deploy Tanium sensors for use by ISC and agency customers. Ensure Tanium application is consistently up 99% and support issues within the contractors' control are resolved to completion. Analyze, review, and implement custom report code. Manage the group structure for the agency machines. Distribute updated licenses (mastheads). Provide external connectivity (demilitarized zone (DMZ) servers) Maintain, patch and update departmental Tanium application software on all related infrastructure systems. Proactively monitor the health of Tanium application. Coordination with other ISC federal and contractor resources for access to tools or items that must be monitored. Document changes to configurations, operating processes, accreditation documentation, test cases, disaster recovery documentation and architectural design documentation of the Tanium application. Provide notifications based on ISC guidelines to federal management and customer agencies of all production and maintenance outages. Monitor and respond to the ticket management system on incident and fulfillment requests for the Tanium application and respond based on standard change, incident, and fulfillment guidelines. Provide technical input to audit findings and plan of actions & milestones (POAM) related to Tanium. Attend and provide technical input to meetings at the request of ISC, to include customer agencies. Provide recovery support, setup, and administration (remote and on-site as needed) for the Tanium infrastructure. This may require work outside of normal business hours where standard schedule will be adjusted to accommodate these changes. Provide Tier 2 and Tier 3 customer support for all USDA agencies in the use of the Tanium application. Attend weekly, bi-weekly, or as needed meetings with USDA agency representatives giving them information regarding updates to the application and provide a forum to field questions with their peers. Maintain customer support documentation to include user documentation, training documentation and any technical guides needed for the support of Tanium. Proactively recommend changes and/or enhancements to the Tanium application to provide better efficiency, productivity, stability, and/or cost savings within the larger scope of each project's design requirements. Coordinate with other ISC resources to track locations, servers, and serial numbers of Tanium assets.Create and maintain decision tree documentation for the Tier 1 support group. Augment Tier 1 support when needed to provide further clarification into end-user inquiries. Perform maintenance within approved maintenance windows (after hours). Updates applied during business hours must have prior government approval. Perform access control to create user application accounts within the Tanium application. Follow the ISC access control procedures: a. Add, update, and delete user accounts for Tanium systems following established ISC procedures. b. Conduct periodic account validation, verify inactive accounts, and notify appropriate individuals of necessary changes per internal procedures. c. Provide access control team with quarterly reports listing users using the format provided by the access control team. d. Document process and procedure updates. e. Enforce federal, departmental, and ISC logical access controls such as A-130, A-127, Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST) 800-53. f. Request system reports to assist in the preparation of periodic reports. Reporting and Scripting: a. Document and implement a process to allow agencies to submit special requests which would require the creation of Tanium sensors and custom reports. This should be a weighted system so requests can be prioritized. b. Document and implement Tanium packages to deploy software and patches not found in the Tanium application. c. Document and implement Tanium sensors and packages to installed applications on the client systems, as requested. d. Document and implement reports for USDA departmental data calls, as requested. e. Maintain data feed between the Tanium application and 3rd party interfaces. f. Maintain a library or repository system of custom code developed which utilizes existing or new change management and versioning capabilities capable of providing cold site DR recovery without loss of custom content. g. Submit quarterly report metrics as defined in SLA and service catalog. The contractor shall provide the following general services: a. Windows Server environment management and deployment b. Non-Windows operating systems, such as Linux, Unix, and Mac OS X management and deployment c. Tanium management and deployment d. Troubleshoot network connectivity between different network environments and the ability to increase productivity and continuously improve methods/approaches. e. Provide virtual end user training, at least quarterly per year or ad-hoc, as needed by agency customers. Detailed Support Environment:The Tanium architecture includes a set of network appliancesdeployed in USDA Kansas City and St. Louis data centers.Tanium Server (1 each, Kansas City (KC) and St. Louis (STL) USDAEnterprise Data Center (EDC))Tanium Module Server (1 each, KC and STL USDA EDC)Tanium Zone Server (1 each, KC and STL DMZ) Within the ISC lab environment are virtual Tanium servers along with servers and workstations for testing purposes. The architecture affects and reports on more than 140,000 endpoints across the USDA's network. The application is called upon to provide inventory and reporting at the department level as well as agency level patching. It also serves as a tool to mitigate security issues across the various enclaves. Operations of this enterprise class solution includes responsibility to provide application administration of the service delivered as well as providing customer service interfaces for all agency organizations within the USDA. There are approximately 15-20 account requests received each month. This effort provides support during business hours plus incidents/maintenance windows with on-call support for both the conterminous United States (CONUS) and outside continental US (OCONUS).