- Defensive Cyberspace Operations Eng. (DCO)
Description
Job Summary:
ITS, LLC. is seeking a Defensive Cyberspace Operations (DCO) Engineer to join our dynamic team in Patrick SFB.
Description:
We require a Defensive Cyber Operations (DCO) SME with a desire to actively defend the mission systems critical to our national defense. As a senior engineer, the candidate will lead individuals towards common goals and work with engineers to apply extensive expertise on multiple complex work assignments. Assignments may be broad in nature, requiring originality and innovation in determining how to accomplish tasks. Leads the development of DCO methodologies and presents solutions to problems. Contributes to deliverables and performance metrics where applicable. Consults on IT and cyber defensive architecture and technologies. Assesses assigned cyber key terrain to thoroughly understand the mission, architecture and associated threat. Advises on technical design and implementation of DCO capabilities required to effectively protect, detect and respond to cyber threats and attacks. Researches cyber defense technologies for best fit based on mission, architecture and current threat. Leads the design, implementation, configuration and/or tuning of cyber defensive technology. Authors documentation, including SOPs, checklists, implementation guides, architecture diagrams, crew binders, etc., to support DCO. Adapts technologies to meet the mission architecture and threat.
Mid-Level Required Experience:
- 5 years of technical experience in cyber-defense or cyber security related fields (e.g., engineering, networking, systems integration, solutions etc.).
- 5 years of professional technical experience (these years may be in conjunction with #2).
Experience years must come from at least 2 of the following areas:
- Container or virtual environments (e.g. Docker, Kubernetes, VMware, AWS)
- In-band and out-of-band test access points for network traffic collection and aggregation (e.g. Gigamon)
- Data storage solutions (e.g. NFS storage, distributed storage, Ceph Ruck storage, etc.)
- Data-analysis toolsets (e.g. Elastic Search, Logstash, Kibana, Splunk, etc.)
- Agile frameworks for software development
- Linux operating systems (Red Hat, Kali, etc.)
- Windows operating systems
- Network infrastructure
- Security applications (Security Orchestration, Automation, and Response [SOAR], Security Information and Events Management [SIEM], Intrusion Detection Systems [IDS], etc.)
Key qualifications and skills:
- Hands-on experience configuring and troubleshooting network devices (Cisco experience is essential for this role, CCNA or higher would be great).
- Experience with Gigamon is a plus, but it is not required and can be learned on the job.
- Demonstrated ability to review and harden network topologies, including secure configuration and vulnerability assessment.
- Experience creating and updating network topologies and diagrams, ideally using Microsoft Visio.
- Exposure to or experience with STIGs.
Additional skills that would be of benefit:
- Ability to work cross-functionally with security and IT teams and to communicate technical issues clearly to non-technical clients.
- Familiarity with protocols such as TCP/IP, VLANs, OSPF, and VRF technologies.
- Experience with common firewalls (e.g., Cisco ASA, Fortinet, Palo Alto), including rule creation and troubleshooting.
- Exposure to intrusion detection and prevention systems, and the ability to interpret alerts.
- Familiarity with IT change control and documentation best practices.