Description

FEDITC, LLC is a fast-growing business supporting DoD and other intelligence agencies worldwide. FEDITC develops mission critical national security systems throughout the world directly supporting the Warfighter, DoD Leadership, & the country. We are proud & honored to provide these services.

Overview of position:

FEDITC is seeking a Mid Security Engineer to work in Stennis, Mississippi DC1. A United States Citizenship and eligibility for a DHS EoD is required to be considered for this position.

Responsibilities:

• Responsible for 24/7 (on call) DHS Security Infrastructure O&M/user support for Cloud AWS, Azure, Google; Cloudtrail, Lookout, Kubernetes, Terraform and other Security systems and tools.
• Design and develop cyber security technology along with integration of new architectural features into existing infrastructures while maintaining the integrity and security of enterprise-wide cyber systems and networks. Experience demonstrating capability to meet position requirements.
• Provides support for Servers Operating Systems (OS), WAN/LAN, storage, Firewalls, IDS/IPS, sensors, Proxy servers, Hyperconverged, Cloud Gateways and other Infrastructure are functional, accredited, documented, configured, patched, security compliant, monitored, optimized, available 99.95% as well as user support.
• Team supports Hardware, Cisco devices, Firewalls, Bluecoats, Storage, Fiber Channel, Hyperconverged technology, Hardware, Cisco ISE, ForeScout, NetFlow, IDS/IPS, McAfee NSM.
• Provide DHS NOC/SOC Security Tool Maintenance
• Create procedures and documentation for maintaining all security hardware and software.
• Categories of tools to be managed include DMA tools, SIEM, Malware analysis, asset management, forensics, encryption, continuous monitoring tools, and incident and case tracking and ticketing.
• Perform fullscope administration, maintenance, management, and configuration, patching, upgrades and optimization of security tools, devices, application systems, and servers and sensors within the cybersecurity infrastructure.
• Maintain SIEM applications to collect and aggregate IDS/IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, DLP, antivirus, vulnerability scanner elements and other securityrelevant devices.
• Interface DHS Enterprise and systems information into the SIEM tool using information from the Compliance and Technology Information Assurance Compliance System (IACS) and input from tool ISSOs and perform asset categorization and prioritization.
• Install and/or modify network and/or endpoint security elements, tools, and other systems as required to maintain optimal coverage and performance, as approved by Management.
• Create and maintain standard Tool Maintenance Design Documentation and Test Plans for new and existing security applications and hardware in order to avoid obsolescence and to improve productivity for the DHS user community and for DHS management.
• Create diagrams of new or revised solutions for transition to operational support encompassing the entire "endtoend" configuration flow diagram describing all solution elements.
• Administer, manage, configure, maintain, and tune SOC tools, devices and application systems, servers and sensors, and remediating vulnerabilities.
• Review network security architecture and design, and provide recommendations to the Government Leads
• Configure and manage security tools to optimize data correlation and event discovery and detection.
• Provide security device signature maintenance and performance reports.
• Maintain the SIEM to collect and aggregate alert data from IDS/IPS/DLP network sensors, raw data from collection agents, firewalls, proxy servers, antivirus, and vulnerability scanner elements.
• Enroll DHS network and systems information into the SIEM tool, using information from the Compliance and Technology Information Assurance Compliance System (IACS) and input from ISSOs, and perform asset categorization and prioritization.
• Create and maintain tool tuning and operation O&M SOPs/CONOPS and functionality and or operational documentation and other required documentation as described in the Cybersecurity Service Provider Program (CSP)
• Maintain a monitored, remotely accessible, unattributed network for use by DHS SOC analysts in accordance with DHS and FISMA directives
• Maintain an Out of Band Digital Media Analysis network for use by DHS SOC analysts in accordance with DHS and FISMA directives.
• Operate and maintain any other tools under the direct control of DHS SOC, such as specialized or “one-off” monitoring or analysis platforms.
• Track and manage SOC security devices, physical property, and asset management.
• Assist the Government Local Property Officer (LPO) with documenting and maintaining inventory of Enterprise SOC document property and assets, documenting Enterprise SOC software licenses, and tracking maintenance and support agreements, including technology refresh.
• Be responsible for supporting LAN/WAN/SD-WAN security solutions including creating and maintaining LAN/WAN access control standard design documentation.
• Provide appropriate diagnostic or monitoring tool enhancement recommendations to the Government
• Manage all software licensing on behalf of the DHS SOC
• Assist with requirements gathering and systems analysis for new software requirements
• Provide Software Maintenance Recommendations to the Government Leads
• Provide recommendations to meet business needs
• Perform security impact assessments
• Assist with vendor product evaluations and provide an impact analysis for any new software/products proposed
• Provide a monthly report that includes the following information: Software and Maintenance Renewals and the Software License Inventor
• Support the Operations and Maintenance (O&M) and feature development for the DHS incident tracking system, and integrations with the SOAR tool.
• Identify information sources, analyze data sets for inclusion and develop mechanisms for pairing down the information upon ingestion. This can be done through Search Processing Language (SPL). Any other tools must be presented and approved by the government
• Propose enhancements for these candidates to the Government for evaluation and prioritization.
• Establish a SIEM capacity management process and plan.
• Test SPL content, scripts and other automation products prior to deployment to ensure they do not produce a negative impact to either the logging solution or other tools and technologies.
• Revise content as needed to enhance performance and ensure compatibility.
• Report all new, modified and removed content to the Government.
• Ensure that systems under SOC control are compliant with the existing DHS Security Logging Strategy.
• Tune the capabilities as practicable to improve efficiency.
• Propose enhancements for these candidates to the Government for evaluation and prioritization
• Identify shortfalls in the current capability.
• Recommend improvements to current processes.
• Review network Systems Engineering Lifecycle (SELC) as required and provide comments as requested by the network engineering team regarding evaluation, testing, design and implementation of a security architecture that supports network security controls, monitoring, and analysis of network security events, and data flow, collection and retention.

Qualifications

Experience/Education:

• BA degree
• 6 years of related experience
• Experience with Splunk is desired
• Trellix, McAfee EPO
• System Administration, Core engineering (Router & Switches)

Certification:

• Certification involving Cybersecurity

Clearance:

• Active TS/SCI w/ Eligibility for DHS EoD.
• Must be a US Citizen and pass a background check.
• Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FEDITC and/or required by FEDITCS Client(s)/Customer(s)/Prime contractor(s).

FEDITC, LLC. is committed to fostering an inclusive workplace and provides equal employment opportunities (EEO) to all employees and applicants for employment. We do not employ AI tools in our decision-making processes. Regardless of race, color, religion, sex (including pregnancy), sexual orientation, gender identity or expression, national origin, age, disability, genetic information, marital status, amnesty, or status as a covered veteran. FEDITC, LLC. ensures that all employment decisions are made in accordance with applicable federal, state, and local laws. Our commitment to non-discrimination in employment extends to every location in which our company operates.