Please take this opportunity to join one of GDITs fastest long-standing growing programs! US Battlefield Information Collection and Exploitation System eXtended (US BICES-X) is a cutting edge program supporting DoW intelligence information sharing on current and emerging global threats to mission and coalition partners and emerging nations. With an internationally dispersed team supporting each combatant command, the US BICES-X team is in direct support of the war fighter and their missions. We are seeking a creative and driven professional with a passion for solving real world issues on a cross-functional, fast paced team.

As part of the Defensive Cyber Operations Team, youll be charged with maintaining the Cyber Security Posture for EUCOM data centers, workstations, and remote locations across the globe.

Responsibilities:

• Performs Defensive Cyber Operations (DCO) activities (formally known as Cyber Network Defense) for a large Program; coordinates with government Program staff, USAF, and other government agencies to assist in the creation, dissemination, direction, and auditing of program policy, standards, and operating procedures.
• This position will be working within our Cybersecurity infrastructure environment providing but not limited to; Implementation and Administration of Security Operations, SPLUNK, ACAS, ESS, CSfC Conmon, Elastic,and security related activities to secure and harden the cybersecurity systems.
• Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network in order to protect information, information systems, and networks from threats.
• Utilize available resources to conduct Cybersecurity activities, and report to senior GDIT and government personnel on overall program security posture.
• Operates and Maintains the Endpoint Security Solution (ESS) based on Trellix ePO and all its associated point products.
• Manages the CSfC Monitoring environment within Splunk/Elastic to ensure Continuous Monitoring requirements as laid out by NSA are met.
• Ensures the SEIM is fully functioning, collecting logs from all hosts, syslogs from appliances and producing dashboards for analysis and log retention.
• Conduct network and system audits for vulnerabilities using Security Technical Implementation Guides (STIGs), ACAS vulnerability scanner, and DISA SCAP to mitigate those findings for Linux, Windows, and associated network operating systems.
• Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
• Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
• Maintains current knowledge of relevant technology as assigned.
• Participates in special projects as required.

Required Qualifications:

• 5+ years of experience required.
• Must possess and maintain a Top Secret/SCI clearance.
• BA/BS degree required or equivalent work experience.
• Comprehensive knowledge of data security administration principles, methods, and techniques.
• Must meet DoW 8140.03 requirements and be eligible for IAT level II and CSSP Infrastructure Support access upon hire for positions with elevated privileges and maintain ITIL V3 Foundation certification.
• Requires familiarity with network concepts, user authentication, and digital signatures.
• Requires understanding of DOW RMF.

Preferred Qualifications:

• ESS Proficiency with a focus on back-end maintenance, policy management and deployment.
• ACAS Proficiency with a focus on Vulnerability Scan policy, DISA Best Practices and Agent manager deployment.
• Experience working with NSA CSfC networks.
• Familiarity with RHEL patching.
• Demonstrated experience with logging platforms such as Splunk or Elastic.
• The ability to work and set priorities on multiple projects/tasks at once and operate in a dynamic, fast-paced team-oriented environment.
• Depending on job assignment, additional specific certifications may be required; CISSP preferred.
• The work is typically performed in an office environment, which requires normal safety precautions; work may require some physical effort in the handling of light materials, boxes, or equipment.

#DefenseOCONUS