Recro
- Infrastructure O&M Administrator
At a glance
Location: US-VA-Chantilly
Posted: 06/26/2020
Closing: 07/25/2020
Degree: Not Specified
Type: Full-Time
Experience: Not Specified
Job description

Position Description

Responsible for day-to-day operations and maintenance of a wide variety of Cyber Support tools, such as ArcSight SIEM, network and host-based (HBSS) Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS) and their associated architectures. Proactively monitor O&M actions through the use of dashboards and quickly resolve any anomalies. Provide periodic Quality of Service metrics demonstrating account management and system up/down time of critical components. Consistently strive to make tools more efficient and effective. Perform routine Continuous Monitoring (ConMon) activities and standard O&M procedures. Support Assessment and Authorization (A&A) activities for deployed assets as required.

Responsibilities include, but are not limited to:

  • Performs engineering support and system administration of specialized cybersecurity applications, systems and networks in a Cyber Security Operations Center (CSOC) environment to include installation, configuration, maintenance, patching, and back-up/restore.
  • Provides subject matter expertise in creation, editing, and management of signatures, rules, filters, and custom content for specialized cybersecurity systems including but not limited to network and host-based IDS, IPS, and SIEM systems.
  • Administers cybersecurity test beds and tests and evaluates new cybersecurity applications or tools, rules/signatures, access controls, and configurations of cybersecurity platforms.
  • Provides Tier 2 maintenance support for deployed cybersecurity technologies within the CSOC.
  • Supports A&A activities through all steps of the Risk Management Framework (RMF).
  • Identifies potential conflicts with implementation of any cybersecurity tools within the enterprise and develops recommendations to remediate these conflicts.
  • Contributes to the completion of milestones associated with specific projects.
  • Provides solutions to a variety of complex technical problems.

Position Requirements:

  • Minimum Education: B.S. or relevant experience in related field.
  • Minimum/General Experience: 3-5 years of related experience.
  • Experience in a Cybersecurity Operations Center environment desired.
  • Minimum of 1 year experience in technology/tools specific to the target platforms.
  • Experience shall be in a related security technology or discipline such as Identity and Access Management, Cybersecurity Operations, Cybersecurity Engineering, IT Security Audit, and Information Assurance.
  • IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification desired.

Demonstrated technical experience:

  • Experience with COTS technologies used in a Cybersecurity Operations Center environment, including network/host IDS and IPS, and SIEM technologies.
  • Expertise in cybersecurity enterprise scanning and continuous monitoring, enterprise host/network security and intrusion detection.
  • Expertise with cybersecurity architectural principles such as defense in depth, resilience, and integrated security operations.
  • A&A support experience desired.
  • Ability to convert functional cybersecurity requirements into system requirements.
  • Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
  • Ability to effectively interact with various levels of senior management is necessary.
  • Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.
  • Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

Clearance Requirement:

  • Must possess an active TS/SCI w/ a CI polygraph.