CharlestonRecruiter Since 2001
the smart solution for Charleston jobs

Cyber Security Analyst (SIEM) - Platform Boundary Defense

Company: Scientific Research
Location: North Charleston
Posted on: March 17, 2023

Job Description:

SRC is continuing and expanding its support of the Navy's Computer Network Defense (CND) program on a 5-year delivery order. The SRC team provides cutting-edge engineering, analysis, integration and life cycle sustainment support for the CND systems. The purpose of the Navy Computer Network Defense (CND) program is to augment CND capabilities and integrate them into the unique environments encountered by Navy forces. Navy CND is an integral part of the cyber defense posture, protecting the Navy's component of the Global Information Grid (GIG) from exploitation and strongly linking to critical infrastructure protection. Naval Information Warfare Center (NIWC) Atlantic requires resources to support the Research, Development, Test & Evaluation (RDT&E) and Integration activities for the Information Technology for the 21st Century (IT-21) and OCONUS Navy Enterprise Network (ONENET) networks, to enhance network and cyber security.

As a member of the CND Engineering Team, the SIEM Engineer will primarily provide sustainment support for the network security, support, installation, and system administration of Computer Network Defense Systems (CNDS). This team consists of numerous engineers and SMEs tasked with finding the next solutions for CND systems. SRC is looking for qualified candidates for a challenging position on the CND Engineering Team.

PRIMARY DUTIES & RESPONSIBILITIES:

  • Racks and cables the Platform Boundary Defense (PBD) system
  • Configures / tests the Windows/RHEL systems
  • Configures / tests an Active Directory domain
  • Configures / tests Splunk SIEM
  • Configures / tests a Cisco ISE authentication capability
  • Creates Engineering Changes to support the lifecycle including engineering documentation
  • Performs vulnerability scans of the system and reviews them on a weekly basis
  • Coordinates among stakeholders, including Security Engineers, Network Administrators, System Administrators, Information Assurance Managers (IAMs) / Information Systems Security Managers (ISSMs), certification authorities, accreditation authorities (and representatives), program managers, vendors, etc., necessary to properly identify, document, mitigate, and manage risk attributed to the target system, network, and/or application
  • Identifies, develops (either directly, or in coordination with applicable experts), and incorporates common artifacts found in an RMF accreditation package, e.g., system architecture and boundaries, hardware and software inventories, risk assessment reports, POA&Ms, data flows, and other necessary system, network, and application documentation
  • Uses vulnerability scanning and assessment tools (e.g., ACAS/HBSS) necessary to identify and document compliance
  • Designs, implements and hardens logging and SIEM tools, such as Splunk, Elastic Stack or similar
  • Experience with network security appliances (such as NGFW or IPS) or Linux is a plus
  • This position will primarily be in a secured lab space, where the majority of work must be performed to support this tasking
  • Opportunities for travel

Requirements

    This opportunity provides a potential customized relocation package as well as sign-on bonuses for top candidates.

    MINIMUM SKILLS & REQUIREMENTS:
    • A DoD 8570.1 IAT Level II certification is required for this position:
      • Have one of the following security certifications: GSEC, Security+, SCNP, SSCP, CISSP
      • An additional OS/OE cert in relevant technology area: Splunk, RedHat, Linux+ or similar
      • Ten (10) years of experience in relevant technical field, to include: Technology Analysis and Assessment, Design Definition, Development of Systems Specification, Systems Analysis, Systems Architecture, Systems/Equipment Integration, Test & Evaluation Criteria, and Logistics support of C5ISR requirements. Five (5) years of technical experience in support of task-specific project. Note: Experience may be concurrent
      • Must be able to analyze network traffic at the packet level
      • System administration experience on DoD-deployed systems
      • Experience with RMF package development and DISA STIGs
      • Experience with Engineering Change Requests (ECRs) or similar
      • Experience with maintaining, updating and creating engineering process documentation
      • Experience developing capabilities that quickly process and provide to end user critical data requests
      • Experience in developing analytics supporting cyber security use cases that support decision aids at the strategic, operational and tactical levels of maritime warfare
      • This position requires a minimum of a Secret security clearance to start, and will require a Top Secret to be obtained after on-boarding

        DESIRED SKILLS & REQUIREMENTS:
        • Knowledgeable with CND Information Assurance (IA) systems
        • Basic knowledge of IP networking and protocols
        • Solid working knowledge of DoD logging requirements, retention policies and how to integrate collection of data from various sources, normalize and aggregate data
        • Solid understanding of how data is ingested to detect and discover threats -- use of SOAR to help automate response times
        • Self-motivated with the ability to work both independently and in a collaborative environment
        • Knowledge of systems engineering activities and process improvement approaches strongly desired
        • 5+ years' experience in one or more of the following:
        • Experience with automation and scripting solutions such as Ansible is a plus

          SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT. THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL WITH TOP SECRET ELIGIBILITY

          ABOUT US

          Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.

          Scientific Research Corporation offers a competitive salary, an extensive benefits package and a work environment that encourages excellence. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.

          DIVERSITY & INCLUSION

          We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.

          EQUAL OPPORTUNITY EMPLOYER

          Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.

          All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.

          Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact srchr@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.

          COVID-19

          SRC does not currently require COVID-19 vaccinations for its employees. Pending the outcome of various court proceedings and resultant government action, SRC and all other Federal Contractor employees may be required, at some point in the future, to be fully vaccinated subject to accommodations for valid medical or religious reasons. Please visit https://www.saferfederalworkforce.gov/contractors/ to read more about the Federal Government's current position on COVID-19 vaccines for Federal Contractor employees.
