Linux Cybersecurity Administrator

General Dynamics Information Technology, McLean, VA (Onsite)

About The Position

We are seeking a highly skilled and multi-faceted Cyber Engineer for a critical contract role supporting Google's SIPRNet enclave. The ideal candidate is a proactive and seasoned professional with extensive, hands-on experience navigating Red Hat Linux, the NIST 800-53 Risk Management Framework (RMF) control requirements, and Security Operations for a classified network in a unique commercial cloud setting. This role requires a blend of technical engineering prowess to provide Security Operations support as well as a deep understanding of continuous monitoring control requirements to prepare for security assessments and auditing. You will be a key contributor to our SIPR Enclave team, supporting the SIPR Enclave Lead in RMF.

From a Security Operations perspective, as directed by the Senior Cyber Engineer, the Engineer:

  • Configures, patches, and updates the Linux operating systems.
  • Updates and maintains security tool versions (Splunk, Trellix, etc.).
  • Monitors the following security applications:
    • Scanning implementation (Tenable.sc, SCC Tool)
    • SIEM implementation (Splunk)
    • Endpoint security implementation (Trellix)
  • Works with the vendors of the security applications as applicable to maintain security updates and licenses, resolve support issues (e.g., for Tenable plugins), etc.
  • For the SIEM:
    • Ensures security systems are up to date and implemented.
    • Validates that the telemetry from the hosts and security applications is forwarded to the SIEM.
    • Configures alerts for privileged activity that would be conducted in the enclave as well as alerts from security advisories.
    • Triages all alerts from the SIEM to ensure activity in the environment is authorized.
    • Investigates, resolves, and reports security incidents in alignment with the Incident Response Plan.
  • For scanning/STIGs:
    • Ensures the inventory of hosts and recurring/ad-hoc scan policies are accurate.
    • Reviews the scans to confirm correct, actionable data is generated to support the patching activities.
    • Reviews STIG results and supports the team in implementing corrective action as applicable.
  • For endpoint management:
    • Ensures all hosts can be seen in the endpoint security application with ongoing monitoring and applicable policies applied.
    • Triages all alerts from the tool to ensure activity in the environment is authorized.
  • For insider threat monitoring:
    • Ensures deployment of the tool and related modules is performing as intended.
    • Monitors aggregate user data as directed.
  • Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.

From an RMF perspective, as directed by the SIPR Enclave Lead, the Engineer:

  • Supports maintaining the Continuous Monitoring program, specifically around vulnerability management, endpoint security, auditing, and security alert triage/monitoring.
  • Supports control implementation statement updates, documentation development for plans or procedures, artifact identification for assessments, and body of evidence generation.
  • Supports POAM mitigation and/or remediation activities.

Requirements

  • Education: Technical Training, Certification(s) or Degree
  • Experience: 8+ years of related experience
  • Technical skills: Ability to implement Red Hat updates.
  • Understanding of various Linux operating systems.
  • Ability to update and use security operations of Splunk and Trellix.
  • Understanding of Microsoft Active Directory and implementing controls via Group Policy.
  • Role requirements: Knowledge of the complete NIST SP 800 series (especially 800-37, 800-53, 800-30) and risk management principles.
  • Certifications: Must be DoD 8140 / 8570.01-M compliant (e.g., including but not limited to Security+)
  • Security clearance level: TS (Sensitive Compartmented Information [SCI] eligibility).

Nice To Haves

  • Hands-on experience with security operations of Teramind.
  • Hands-on experience with Tenable.sc.
  • 5 days onsite McLean, VA

Responsibilities

  • Configure, patch, and update the Linux operating systems.
  • Ability to update and maintain security tool versions (Splunk, Trellix, etc.)
  • Monitors the following security applications:
    • Scanning implementation (Tenable.sc, SCC Tool)
    • SIEM implementation (Splunk)
    • Endpoint security implementation (Trellix)
  • Works with the vendors of the security applications as applicable to maintain security updates, licenses, resolve support issues (e.g., for Tenable plugins), etc.
  • Ensure security systems are up to date and implemented.
  • Validate that the telemetry from the hosts and security applications is forwarded to the SIEM.
  • Configures alerts for privileged activity that would be conducted in the enclave as well as alerts from security advisories.
  • Triages all alerts from the SIEM to ensure activity in the environment is authorized.
  • Investigates, resolves, and reports security incidents in alignment with the Incident Response Plan.
  • Ensures the inventory of hosts and recurring/ad-hoc scan policies are accurate.
  • Reviews the scans to confirm correct, actionable data is generated to support the patching activities.
  • Reviews STIG results and supports the team in implementing corrective action as applicable.
  • Ensures all hosts can be seen in the endpoint security application with ongoing monitoring and applicable policies applied.
  • Triages all alerts from the tool to ensure activity in the environment is authorized.
  • Ensures deployment of the tool and related modules is performing as intended.
  • Monitors aggregate user data as directed.
  • Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.
  • Supports maintaining the Continuous Monitoring program, specifically around vulnerability management, endpoint security, auditing, and security alert triage/monitoring.
  • Supports control implementation statement updates, documentation development for plans or procedures, artifact identification for assessments, and body of evidence generation.
  • Supports POAM mitigation and/or remediation activities.

Benefits

  • Growth: AI-powered career tool that identifies career steps and learning opportunities
  • Support: An internal mobility team focused on helping you achieve your career goals
  • Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
  • Community: Award-winning culture of innovation and a military-friendly workplace