Candidate will be responsible for configuring, integrating, operating, and maintaining the Host Based Security System (HBSS) for Enterprise Applications.
Set up and perform system administration on the HBSS and integrate HBSS data (alerts, logs, data feeds, etc.) into detect and respond processes, procedures (intrusion detection analysis, auditing, etc.), and systems. Monitor the HBSS for alerts, and assess and modify the HBSS operational parameters (filters, signatures, rules, etc.) when requested.
Perform research and test configurations to determine the best solution to meet customer goals and objectives.
Import/Create/Modify HBSS Policy Sets and Tag Creation/Modification Process Queries and Dashboards. Experience with HBSS and its products, both at the ePO and Client level: ePO Management Suite; ABM - Asset Baseline Monitor; PA - Policy Auditor; HIPS - Host Intrusion Prevention System; RSD - Rogue Sensor Detection; Virus Protection; and DCM - Device Control Module.
Experience performing IT system administration (Windows, UNIX, Linux, etc.), security, STIGs, IAVAs, IA compliance, etc.
Demonstrates initiative, proactiveness, and engagement with the rest of the Windows/ESX/HBSS Admin Team.
Performs and conducts vulnerability scans to determine overall health of network infrastructure.
Review and analyze security data to assess and determine the most critical vulnerabilities and their impact on the organization.
Experience working with firewalls, access control lists, subnetting, and network security zones. Ability to communicate and present security assessments and risk analyses to various audiences. Knowledge of various network tools such as Wireshark, portquery, nmap, tcpdump, etc.
Ability to effectively prioritize and execute tasks in a high-pressure environment.
Strong results-oriented work ethic and customer service orientation.
Advanced understanding of TCP/IP routing, switching, and protocols.
DOD 8570 Requirements:
IAT Level II
IA Certification: CISSP, Security+, CASP
Candidate must already have a Secret clearance, upgradable to Top Secret, and will be subject to a government security background investigation.