The National Security Customer Group of SAIC currently has a contingency full-time position for an End Point Security Support Engineer to support the United States Cyber Command (USCYBERCOM) J3, Fort Meade, Maryland.
The successful candidate will support the Endpoint Security capabilities used to monitor, detect, prevent, track, report, and remediate malicious computer-related activities and incidents on the DODIN. Endpoint Security is also used to identify misconfigurations and erroneous connections, vulnerabilities, and malicious signatures on the DODIN. The End Point Security Support Engineer conducts gap analysis activities and provides analysis and recommendation reports for alleviating shortfalls and capability gaps on DoD policy and guidance as well as shortfalls on network/system architectural designs. Develops analysis and recommendation reports in response to official inquiries on alerts, incidents, and mitigation strategies. Provides technical expertise, programmatic, and operational planning support for implementing Endpoint Security products across the DODIN enterprise and provides status update briefings. Provides analysis and recommendation reports on the identification of an automated analytical standard to be used as an enterprise architectural framework. Provides input to, and updates, implementation policy and guidance for the configuration, implementation, monitoring, and expansion of Endpoint Security products and associated architecture, and contributes to the development of overarching DoD-level guidance and standards for managing DoD network trends, performance, and functionality. Compiles and analyzes network traffic reports and logs in support of subordinate compiling incident response and disseminating analysis reports at the appropriate classification level(s), and maintaining the reports in associated repositories (i.e., Fusion Matrix or similar). Deconflicts new exploits and security vulnerabilities, analyzes trends of malicious code, documents host/network signatures, and develops mitigation and remediation strategies for dissemination to Combatant Command/Service/Agency/Field Activities (CC/S/A/FA).
Conducts strategic analyses on various products, such as DoD component reporting and Intelligence Community reporting products, providing analysis, and coordinating with the JOC and CC/S/A/FAs to address areas of concern. Collaborates with DISA and other stakeholders to assist in developing programmatic oversight requirements for future Endpoint Security product capabilities of evolving software security baselines and operating system compatibility efforts; and developing content (i.e., dashboards, queries, and reports) to support ad hoc and recurring mission tasking, as well as facilitate data pulls with supplemental queries and/or dashboard development.
Daily activities include:
Ensures the rigorous application of cybersecurity policies, principles, and practices in the delivery of all Information Technology (IT) and cybersecurity services
Develops and designs security solutions to maintain confidentiality, integrity, and availability of information through the enterprise
Identifies, plans, and documents improvements to security controls currently in place
Develops and documents recommendations and courses of action (COAs) to solve complex cybersecurity problems
Develops and interprets cybersecurity requirements as part of the IT acquisition development process and assists in the formulation of cybersecurity/IT budgets
Plans and schedules the installation of new or modified security hardware, operating systems, and software applications
Ensures the assessment and implementation of identified computer and network environment fixes such as system patches and fixes associated with specific technical vulnerabilities as part of the Cybersecurity Vulnerability Management program
Guides the implementation of appropriate operational structures and processes to ensure an effective cybersecurity program, including boundary defense, incident detection, and response
Possesses an in-depth understanding and the ability to apply intermediate concepts of cyber engineering and cybersecurity
Maintains in-depth knowledge and understanding of the DOD Cybersecurity policies and the Risk Management Framework
With no guidance, conducts cybersecurity engineering research and analysis, provides recommendations for the implementation of security mechanisms, and provides educational briefings on the recommended cybersecurity mechanism
Contributes substantive content to the development of cybersecurity documentation, concept papers, and test plans required by Command policies and the Risk Management Framework
Maintains comprehensive knowledge and understanding of DOD and/or Intelligence Community (IC) engineering efforts, across multiple engineering disciplines
With no guidance, evaluates functional operations and performance in light of test results and makes recommendations regarding C&A
Develops analysis and recommendation reports in response to official inquiries on alerts, incidents, and mitigation strategies
Provides technical expertise, programmatic, and planning support for implementing Endpoint Security products
Minimum ten (10) years of experience with Cybersecurity or Information Assurance with a Bachelor’s Degree in a technical or business discipline from an accredited college or university in Computer Science, Cybersecurity, Computer Engineering, or related discipline; or an additional 4 years of experience in lieu of a degree.
Minimum of DoD 8140/DoD 8570 IAM Level II Certification (CAP, CASP, CISM, GSLC, CISSP)
Knowledge and experience with Endpoint Security products
Strong attention to detail and organizational skills
Excellent communication skills
Strong analytical and problem-solving skills
ACTIVE TS/SCI with Polygraph or the ability to obtain one.