Washington, D.C./Hybrid (4 days on-site, 1 day telework)
TS/SCI Clearance Minimum
Zeneth Technology Partners is a top-rated cyber security firm. We are passionate about providing excellent service to our clients, both government and commercial. Our collaborative environment encourages creativity, growth, and community, giving you the opportunity to initiate and contribute to challenging projects while continuing to grow in your professional career. Bring us your creativity, innovation, and your relentless focus on customer service and join a cyber security team at its best!
Security Clearance: TS/SCI required, and able to obtain a PSD/Yankee White clearance, or an active Yankee White clearance
Responsibilities and Duties
- Provide support for the technical management of security infrastructure on a Windows and Linux based network platform.
- Operate and maintain security infrastructure including IDSs, HBSS, etc. to ensure system and application performance/health monitoring. Develop and maintain security infrastructure policies and procedures in accordance with DISA standards.
- Manage security infrastructure servers on the WHMO network and ensure that all are maintained and upgraded according to the latest DISA guidelines.
- Create and maintain Host Intrusion Prevention System (HIPS) exceptions and firewall rules to ensure secure site configurations per DISA guidance.
- Monitor latest HBSS to detect faulty operation, anomalies, and security events.
- Develop, run, analyze, and maintain reports using SQL and HBSS reporting.
- Develop sorting rules, dashboards, data monitors, and filters in HBSS for first responders, analysts, and the Information Assurance Manager.
- Deploy, tune, and configure software to detect and/or prevent malicious activity at the host level.
- Develop and test new agents.
- Analyze the results of queries for "Interesting Events" and pass them to first responders to open a new investigation.
- Maintain logs.
- Work cooperatively with other divisions to resolve issues and meet objectives.
- Perform report and query generation.
- Interface with the government customer and other divisions in order to provide a quality product that meets objectives.
- Develop written procedures and provide on-site training.
- Monitor and control all HBSS accounts, including access levels, policy changes, etc.
- Participate in special projects as required.
- Provide a monthly status report.
- Create and maintain documentation of all HBSS system configurations.
- Develop and maintain all documentation for HBSS policies and procedures in accordance with DISA standards.
- Create and maintain documentation for all Host Intrusion Prevention System (HIPS) exceptions and firewall rules.
- Assist in any network/host intrusion investigation that requires HBSS logs.
- Maintain all records of reports developed, run, and analyzed using SQL and HBSS reporting.
- Maintain documentation of all sorting rules developed, dashboard setups, data monitors, and filters.
- Maintain all documentation of software and signatures used to detect and/or prevent malicious activity at the host level.
- Develop written procedures and provide on-site HBSS training.
- Log all investigation progress details in Incident Response tracker.
Certifications and Training:
- 8570 CNDSP Infrastructure Support certifications (CEH and/or SSCP)
- Red Hat Certified System Administrator (RHCSA)
- Current Microsoft Certified IT Professional (MCITP) certification (desired)
- HBSS 201 Basic and 301 Advanced training
- Oral Communication
- Written Communication; Technical writing
- Primarily responsible for the technical management of security infrastructure on a Windows and Linux based network platform. The position will oversee all security system maintenance, upgrades, expansions, etc.
- Conducts security system maintenance, upgrades, etc. based on all DISA requirements and vendor recommendations
- Experience interpreting, applying and advising others on DOD IA/CND policies, guidance and regulations
- Expertise in McAfee’s ePO, subsequent modules, including McAfee Agent, Rogue Sensor Detection, HIPS, Policy Auditor (PA), Data Loss Prevention (DLP), etc.
- Hands-on network operations experience in multi-site Windows and Linux environments – Data circuits, Firewall/VPN, TCP/IP and routing protocols, Switches (CISCO), File servers (Linux), Data storage, and Windows servers running COTS and custom applications etc.
- Operate and tune Linux systems, servers, and related components to ensure high levels of availability and security for the supported business applications. This includes installing, configuring, and maintaining those systems.
- Perform system backups and restores
- Strong knowledge of Cloud related security, engineering, design, architectural, maintenance, business modeling, or similar areas related to the information technology project being performed
- Strong knowledge of intrusion detection methods protecting DOD computer networks and systems
- Strong understanding of Active Directory