Senior Systems Security Administrator

About The Position

Requirements

• A Bachelor's degree in Computer Science, Systems Engineering, Information Systems, or a comparable field or equivalent years of professional work experience in Information Technology (IT).
• 5+ years performing security systems analysis and monitoring in an enterprise environment.
• 3+ years of experience administering enterprise security tools and capabilities including ESS and ACAS in an organization with at least 100 devices.
• Experience in both Windows and RHEL Operating Systems.
• Skill in assessing security controls based on cybersecurity principles and tenets.
• A comprehensive understanding of Host-based Security Systems, Device Control Solutions, Network Access Control (802.1x), and Security tools implementation.
• Experience conducting packet capture (PCAP) analysis.
• Experience in the implementation of Security Technical Implementation Guide (STIGs) for device hardening.
• Experience in incident response process with the ability to effectively troubleshoot issues in a complex environment.
• Self-starter capable of working effectively under minimal guidance and within a team.
• DISA ESS 201 & 301 Administrator certifications and DISA ACAS Operator and Supervisor certification.
• A current industry certification aligned to DoD Manual 8570, 01-M for IAT II (e.g., GSEC, Security+, CCNA-Security).
• Excellent oral and written communication skills, including articulating and presenting highly technical information in a comprehensible manner to all levels of management and staff.
• Have an active Top Secret security clearance.

Nice To Haves

• Have prior experience maintaining and operating ForeScout CounterAct or other Comply-to-Connect solutions.
• Hands-on in-depth knowledge and experience in networking, network security, VMware, Enterprise storage, server, data center services, and other leading-edge products and technologies.
• Have prior experience utilizing Splunk to create custom queries to analyze and respond to anomalies.
• A current industry certification aligned to DoD Manual 8140, 01-M for CSSP roles (e.g., CEH, GCIH, CISSP).

Responsibilities

• Analyze data that will improve the security posture of the Collateral Networks and identify operational issues.
• Evaluate the effectiveness of current security systems and make suggestions for improvement when necessary.
• Establish a framework to assess and improve current controls and processes to the security system.
• Assist with the installation and maintenance of the ESS/Trellix ePolicy Orchestrator (ePO) suite and associated modules in accordance with the DoD-mandated baseline.
• Support the implementation and upkeep of application whitelisting through the Trellix SolidCore module.
• Analyze logs and monitor authorized and unauthorized removable devices and media on the network.
• Monitor alerts for specific events associated with VPN Gateways or Firewalls associated with receives and drops of any unexpected traffic which could indicate a compromise.
• Collaborate with audit analysts to monitor policy changes, privileged user activities, and data transfers to ensure continuous policy enforcement.
• Plan, communicate, and coordinate CND tools administration to support requirements from sources such as Security Operations, DoD compliance/inspection readiness, Cyber Security Services Provider (CSSP), and end-users.
• Support the Vulnerability Management Team to ensure the ACAS security architecture, design, and implementation is in accordance with DoD regulations and other governing documents.

Benefits

• Generous benefits including a robust education assistance program.
• Unparalleled retirement contributions.
• Healthy work/life balance.
• Comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development.