Linux Administrator

About The Position

Requirements

• DoD 8570 IAT III or IAM II (CASP+, CCNP Security, CISA, GSE, SCNA, CISSP [or Associate], CAP, GSLC, CISM, GCED, GCIH, CISO, or HCISPP). Candidate has 180 days to attain if they have a lower level 8570 certificate.
• 3+ years’ experience in supporting, configuring, administering Linux
• 3+ (RHEL) operating system in an enterprise environment RHEL 7.x or greater
• Experience with virtualized environments (vSphere, ESXI)
• Red Hat Enterprise Linux (RHEL) experience.
• Must be able to troubleshoot SSH connection issues.
• Good understanding of LVM Partitioning, Disk space and troubleshooting Systems related issues.
• Familiar with VMware and vSphere.
• Understanding of SSL/TLS Certificate and OS hardening.
• Strong understanding of Network configuration and troubleshooting (nmtui, nmcli, service, netstat, grep, top command).
• Understanding of patching and RPM package management is a MUST!!!
• Be able to troubleshoot Kernel Panic, Root and Grub password Reset, & Firewall configurations.
• Familiar with Ansible, Ansible-playbook and ansible roles
• Active DoD- Secret Clearance

Nice To Haves

• Understanding on Red Hat Satellite Version 6.12 or higher
• Familiar with Active Directory Concepts, LDAP, or Kerberos
• Familiar with migration from RHEL7 to RHEL8 using Leapp utility.
• Build or configure new YUM Repositories for patching purposes.
• Familiar with AWS/AZURE Cloud for future projects.
• Scripting (Nessus Attack Scripting Language (NASL), Python, Bash)
• Engineering experience with Nessus Manager and Monitor Implementation
• Able to spin new instance on the cloud from a given AMI or Launch Template
• Understand the concept of Security Groups, VPC, IAM, Autoscaling, Load Balancer Container architecture

Responsibilities

• Install and patch operating systems, application, and document Department Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGs) applicable to each network environment for all ACAS implementations.
• Assesses current ACAS implementations for each of the GEN networks and recommend changes.
• Document the steps required to design the ACAS solution for each of the GEN networks to include IP address, Fully Qualified Domain Name, and physical location of each component.
• Create network diagrams of the designs with Microsoft Visio (include list of hardware and software requirements).
• Maintains the Nessus scanners and Passive Vulnerability Scanner’s (PVS) connectivity with the associated Security Center (SC).
• Develop and/or update the Standard Operating Procedures (SOP) to support each of the client ACAS solutions documented within the SharePoint portal.
• Provide reports as necessary.
• Build Linux Server from DISA provided ISO image.