DCO Administrator Senior – Cybersecurity Administrator

About The Position

Requirements

• 10+ years of experience required.
• Must possess and maintain a Top Secret/SCI clearance.
• BA/BS degree required or equivalent work experience.
• Comprehensive knowledge of data security administration principles, methods, and techniques
• Must meet DoW 8140.03 requirements and be eligible for IAT level II and CSSP Infrastructure Support access upon hire for positions with elevated privileges and maintain ITIL V3 Foundation certification.
• Requires familiarity with network concepts, user authentication, and digital signatures.
• Requires understanding of DOW RMF
• Experience working with the NSA CSfC networks.

Nice To Haves

• ESS Proficiency with a focus on back-end maintenance, policy management and deployment.
• Proficiency with logging platforms such as Splunk or Elastic, focused on managing and operating.
• Familiarity with RHEL patching.
• Familiarity with DOW Hardening practices (STIG).
• The ability to work and set priorities on multiple projects/tasks at once and operate in a dynamic, fast-paced team-oriented environment.

Responsibilities

• Performs Defensive Cyber Operations (DCO) activities (formally known as Cyber Network Defense) for a large Program; coordinates with government Program staff, USAF, and other government agencies to assist in the creation, dissemination, direction, and auditing of program policy, standards, and operating procedures.
• Implementation and Administration of Security Operations, SPLUNK, ACAS, ESS, CSfC Conmon and security related activities to secure and harden the cybersecurity systems.
• Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• Utilize available resources to conduct Cybersecurity activities, and report to senior GDIT and government personnel on overall program security posture
• Manages the CSfC Monitoring environment with in Splunk/Elastic to ensure Continuous Monitoring requirements as laid out by NSA are met.
• Ensures the SEIM is fully functioning, collecting logs from all hosts, syslogs from appliances and producing dashboards for analysis and log retention.
• Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
• Operates and Maintains the Endpoint Security Solution (ESS) based on Trellix ePO and all its associated point products.
• Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
• Maintains current knowledge of relevant technology as assigned
• Provides guidance and work leadership to less-experienced technical staff members
• Participates in special projects as required.

Benefits

• Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match.
• To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave.
• To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available.
• We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.