Senior Cyber Security Engineer - Military veterans preferred

Description

Join SAIC’s Information Technology (IT) Support Services Team in the Network Operations and Security Center (NOSC) of the US Air Forces Central Command (USAFCENT) Communications Directorate (A6). This opportunity places you at the tip of the spear for Engineering, Operations and Maintenance, Cyber Security, and Defensive Cyber Operations supporting the warfighter in the Southwest Asia area.

USAFCENT is the air component of United States Central Command (USCENTCOM), a regional unified command. USAFCENT, in concert with its coalition, joint and interagency partners, delivers decisive air and space power on behalf of USCENTCOM for the security and stability of the Southwest Asia (SWA) region. The USAFCENT NOSC delivers cyberspace command and control (C2) superiority to the warfighter by engineering, implementing, securing, managing, operating and maintaining USAFCENT’s Non-Classified Internet Protocol Router Network (NIPRNet), Secret Internet Protocol Router (SIPRNet), USCENTCOM Partner Networks (CPN-X), and associated C2 networks, systems and services.

The USAFCENT NOSC executes the full-spectrum of IT services management and operations for USAFCENT networks 24 hour-a-day, 7 day-a-week (24/7); and is tasked by USCENTCOM to provide information assurance (IA) boundary intrusion detection and intrusion prevention for USCENTCOM components. Comprised of NOSC operations, operations support, cybersecurity, network engineering, and command support functions, the USAFCENT NOSC plans, engineers, installs, integrates, operates and maintains, protects and manages enterprise-wide network and systems architecture, infrastructure and services; and provides enterprise-level oversight to its subordinate and supported communications support activities.

Candidates will be working at Shaw AFB, SC and/or Lackland AFB, TX. Frequent temporary duty (TDY) and/or deployment travel to OCONUS locations in the USCENTCOM AOR is required to support sustainment, site surveys, installations, upgrades, integration, testing, troubleshooting and other mission-related requirements.

The candidate for this position develops technical solutions to complex problems which require the regular use of ingenuity and creativity, exercises considerable latitude in determining technical objectives of assignment, exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results, applies extensive technical expertise and has full knowledge of other related disciplines, provides guidance to subordinates to achieve goals in accordance with established policies, and establishes and recommends changes to policies which affect subordinate organization(s).

• Architects, plans, configures, deploys, maintains, and upgrades COTS/GOTS and custom toolsets to address vulnerabilities and/or implement security controls.  

• Applies a combination of expert engineering knowledge of enterprise IT and security solutions to design, develop and/or implement solutions to ensure they are consistent with enterprise architecture security policies and support full spectrum military cyberspace operations.

• Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions. 

• Includes security control design and solution planning at the system, mission, and enterprise level, security-in-depth/defense-in-depth, and other related IAM/ISSO/ISSE support functions. 

• Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.

• Researches and evaluates cyber capabilities and new security tools and products against operational requirements and introduces them to the enterprise in alignment with IT security strategy, and to support the offensive and defensive capability design and troubleshoot and problem solve technical and non-technical issues.

• At the Leadership level, this is senior technical staff dedicated to transforming customer environments into a more secure operating environment in a holistic manner.

• Represents organization as prime technical contact on contracts and projects. 

• Interacts with senior external personnel on significant technical matters often requiring coordination between organizations.

Specific duties for this position include, but are not limited to:

• Install, configure, maintain, and manage the USAFCENT/USCENTCOM security devices to include but is not limited to IDS/IPS, ArcSight Enterprise Security Manager, ACAS and associated Virtual Private Network (VPN) equipment/configurations. Assist in development and documentation of sensor process and checklists.

• Support USCENTCOM operations by providing the capability to “omit” or filter sensor traffic and alerts reporting activity based on USAFCENT NOSC-Cybersecurity’s instruction that traffic does not need to be reviewed in a “real-time” operation by analysts.

• Provide technical advice and assistance to the USAFCENT NOSC-Cybersecurity to resolve network issues and perform actions necessary to ensure IDS/IPS sensors are collecting and reporting network activity. Diagnose and resolve end user problems. Ensure the end users adhere to the proper security policies and procedures.

• Build tactical and strategic network profiles of specific systems and complete network architecture.

• Develop system concept of operations and engineering plans to execute security requirements for new and existing systems with a focus on incident response policies and procedures.

• Develop reports and trend analysis documentation on bandwidth, network architecture, as well as network security incidents.

• Maintain current knowledge on new vulnerabilities and exploits. Develop methods to detect and prevent intrusive activities utilizing knowledge. Assist in developing countermeasures to isolate, contain and prevent intrusive actives and secure.

• Conduct troubleshooting and fault isolation to ensure network connectivity to the sensor equipment. Establish VPNs between AF and USCENTCOM sites for protected communications.

• Possess the following skill sets: extensive knowledge of network firewalls, computer and server log analysis computer network servers (DNS, proxy, e-mail, domain controller, file server, Active Directory) and analysis of their logs.

• Conduct network security monitoring and intrusion detection analysis using the USAFCENT/USCENTCOM selected security tools to include but is not limited to IDS/IPS, firewall, proxy, router, ESM, Logger, Fidelis, HBSS and ArcSight logs.

• Review STIGs compliance quarterly for changes and implement.

Qualifications

Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD and four (4) years or more experience.  In lieu of a degree, four (4) years of additional experience is required.  In addition the following certifications and skills are required: CEH, MCSA, Firewall, Network+ CE, and ITIL Foundation.

Desired Qualifications

ITIL 4 Foundation certification or any ITIL v3 Intermediate certification. Any equivalent CSSP-A certification, if not the certification listed above.