Computer Network Defense (CND) Senior SME with Security Clearance
Company: S4 Inc.
Location: Sierra Vista
Posted on: January 31, 2019
Job Title: Computer Network Defense (CND) Senior SME
Location: Fort Huachuca, AZ
Clearance: Current/active Top Secret+
Please note that you must be a US Citizen to apply to this job posting.
Certification: GIAC or equivalent, CND-IS Baseline Certification, ITIL Foundation Certification IT Services Management, and IAT Level II Baseline Certifications are required
Education: BS degree in CS or an IT related field
Experience: 15+ years of related computer defense experience
Travel: 5%
LCAT: Computer Network Defense (CND) Senior SME
Requisition: AZ18014
Position Description: Provides oversight and general instruction to the Computer Network Defense Division at Fort Huachuca.
Job Duties: Develop Intrusion Protection System/Intrusion Detection System (IPS/IDS) procedures; correlate and react to security events; perform first- and second-level triage; and forward suspicious activity to the DCO-D. Use a Security Information Management (SIM) tool to aggregate approximately 13.6 million security events per day from multiple sources, which include Intrusion Protection System sensors, Intrusion Detection System sensors, and Primary Internet Exchange (PIX) Firewall, proxy, router, ePO servers, and server system logs. During the life of this contract, other sources may be Active Directory domain controllers and DNS servers. Perform advanced systems administration for the enterprise CND sensor mission relative to platform architecture, configuration, lifecycle support, and technology refresh and infusion. Develop and document disaster recovery procedures for USARCC-C managed CND systems, including IPS/IDS, system baseline tools (e.g., ESM), host-based systems and agents, server managers, applications, and remote management systems. Store written procedures in the USARCC-C Document Management System (DMS) database. Perform daily backups, implement system upgrades, and verify that system configurations, accounts, and passwords conform to baseline standards.
Coordinate with installation NECs or customer points of contact on sensor installation and troubleshooting. Maintain points of contact rosters for NECs or NEC-like entities that provide on-site technical support and update rosters as new information is received. Monitor CND infrastructure assets for failures, performance degradations, or loss of security event visibility, and take corrective action to restore the system to full operation for real-time monitoring of security events. Establish and maintain written procedures to set up, track, and document status and location of hardware and software for each baseline of sensors. Store written procedures in the USARCC-C Document Management System (DMS) database. Maintain, update, test, and implement signatures and policies for each baseline of sensors managed by USARCC-C; changes must be approved through the established ITIL process. Build, configure, and assist with implementation of newly fielded sensors that support USARCC-C CND missions. Monitor all sensors and agents managed by the USARCC-C for security event analysis and response. Respond to a detected event and perform triage, ensure proper handling of the associated trouble ticket (TT), and process events according to the USARCC-C CND SOP and appropriate TTPs. Maintain and update the triage database with current threat data and response methods. Maintain and update SIM tool software rules for optimal detection of malicious or unauthorized activity. Report system incidents and problems according to USARCC-C CND SOPs and service level agreements (SLA). Validate security event information from the ITSM ticket which includes at a minimum event name, date, time, location, source IP address, destination IP address, source ports, and destination ports. Contact the responsible NEC if additional information is required. 
Qualifications:
Active/current TS+ clearance
BS degree in CS or an IT related field
15+ years of related computer defense experience
Must have GIAC or equivalent as well as a CND-IS Baseline Certification
Must be able to listen to and understand customer expectations and concerns, and assure the customer that we are executing the project effectively
Strong understanding of the ITIL framework. Should have extensive knowledge of this field and domain gained by experience in working on similar projects/programs; may have specialized domain technical knowledge that needs to be broadened into a more comprehensive knowledge of all aspects of the domain
Must have IAT Level II Baseline Certifications

To apply to this position please go to www.s4inc.com and click on Careers to complete an employment application and to upload your resume. S4 Inc. offers competitive salaries and a comprehensive benefits package with 401(k), and universal time off. We are an Equal Opportunity Employer-minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity. S4 participates in the E-Verify employment verification program. If you are looking for a challenging and rewarding position, then we invite you to submit your resume including salary history/requirements. Candidate selected must be able to obtain and maintain the security clearance required by the contract at all times.

If you are an individual with a disability or a disabled veteran, and need a reasonable accommodation to apply to a position, please contact Michelle Sweeney, HR Manager, by phone at (781) 273-1600 or by email at

For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.
https://s4inc.applicantpool.com/jobs/241013-10400.html
Top Secret