Computer Network Defense - Infrastructure Support - TS/SCI - RAF Molesworth UK - Military veterans preferred

2019-01-09
General Dynamics Information Technology (www.gdit.com)
Other

/yr

  full-time   employee


Cambridgeshire
United Kingdom

1. Tests, implements, deploys, maintains, reviews and administers the infrastructure hardware and software that are required to effectively manage the computer network defense (CND) service provider network resources. Monitors network to actively remediate unauthorized activities
2. Administer computer network defense (CND) test bed(s), and test and evaluate new CND applications, rules/signatures, access controls, and configurations of CND service provider managed platforms
3. Coordinate with Computer Network Defense (CND) Analysts to manage and administer the updating of rules and signatures (e.g., intrusion detection/protection systems, anti-virus, and content blacklists) for specialized computer network defense (CND) applications
4. Create, edit, and manage changes to network access control lists on specialized computer network defense (CND) systems (e.g., firewalls and intrusion prevention systems)
5. Identify potential conflicts with implementation of any computer network defense (CND) tools within the CND service provider area of responsibility (e.g., tool/signature testing and optimization)
6. Perform system administration on specialized computer network defense (CND) applications and systems (e.g., anti-virus, audit/ remediation) or Virtual Private Network [VPN] devices, to include installation, configuration, maintenance, and backup/restoration
7. Assist in identifying, prioritizing, and coordinating the protection of critical computer network defense (CND) infrastructure and key resources
8. Must have a good understanding of networks at the packet level and be able to analyze packet captures at the expert level
9. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation
10. Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
11. Evaluate firewall change requests and assess organizational risk
12. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
13. Assists with implementation of counter-measures or mitigating controls
14. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices
15. Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
16. Prepares incident reports of analysis methodology and results
17. Maintains current knowledge of relevant technology as assigned
18. Participates in special projects as required

 

Qualifications:

 

1. 5-8 years of related systems engineering experience

2. Must possess and maintain a Top Secret/SCI Clearance

3. Must meet DoD 8570 requirements and be eligible for IAT Level II (Security+ CE Certification or equivalent) within 90 days of hire for positions requiring elevated privileges and ITIL V3 Foundation within six months of hire

4. DoD 8570 CNDSP Infrastructure - CEH or SSCP, highly desired

5. CEH is recommended

6. Basic experience administering and Automating Linux Systems preferred

7. Scripting experience in Powershell/BASH highly desired

8. Programming and Automation experience utilizing Ruby/Python/Perl strongly preferred

9. Network Access Control (NAC) experience: ForeScout CounterACT, Cisco ICE highly desired

10. Firewall experience: Cisco ASA, Cisco IOS FW, Palo Alto recommended

11. Experience with Network TAP/SPAN aggregators: Cisco Nexus with Data Broker, Gigamon, Ixia highly desired

12. Virtualization experience: VMware ESX and NSX, KVM, Xen Server strongly preferred

13. Knowledge of HBSS Operations recommended

14. In-depth experience with configuring and analyzing results from but not limited to HIPS, DLP and VSE highly desired

15. Experience with ACAS Operations experience (Security Center, Nessus Scanner and PVS) strongly preferred

16. Experience in SPLUNK operations recommended

17. In-depth operational work with network IDS and incident response including but not limited to Fidelis highly desired

18. Additional specific certifications may be required

19. This position may be required to complete short-term deployments to austere locations worldwide

20. The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes or equipment.

 

The above job description is not intended to be, nor should it be construed as, exhaustive of all responsibilities, skills, efforts, or working conditions associated with this job.   Requests for reasonable accommodations will be considered to enable individuals with disabilities to perform the principal (essential) functions of this job.  #BICES and #CJPOST

 

For more than 50 years, General Dynamics Information Technology has served as a trusted provider of information technology, systems engineering, training and professional services to customers across federal, state, and local governments, and in the commercial sector. Over 40,000 GDIT professionals deliver enterprise solutions, manage mission-critical IT programs and provide mission support services worldwide. GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

Education:

Bachelors Degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience.