Cyber Counter Access Analyst

Engility Corporation Shaw Air Force Base, SC 29152

Posted 2 months ago

Join SAIC's Information Technology (IT) Support Services Team in the Network Operations and Security Center (NOSC) of the US Air Forces Central Command (USAFCENT) Communications Directorate (A6). This opportunity places you at the tip of the spear for Engineering, Operations and Maintenance, Cyber Security, and Defensive Cyber Operations supporting the warfighter in the Southwest Asia area.

USAFCENT is the air component of United States Central Command (USCENTCOM), a regional unified command. USAFCENT, in concert with its coalition, joint and interagency partners, delivers decisive air and space power on behalf of USCENTCOM for the security and stability of the Southwest Asia (SWA) region. The USAFCENT NOSC delivers cyberspace command and control (C2) superiority to the warfighter by engineering, implementing, securing, managing, operating and maintaining USAFCENT's Non-Classified Internet Protocol Router Network (NIPRNet), Secret Internet Protocol Router (SIPRNet), USCENTCOM Partner Networks (CPN-X), and associated C2 networks, systems and services.

The USAFCENT NOSC executes the full spectrum of IT services management and operations for USAFCENT networks 24 hours a day, 7 days a week (24/7); and is tasked by USCENTCOM to provide information assurance (IA) boundary intrusion detection and intrusion prevention for USCENTCOM components. Comprised of NOSC operations, operations support, cybersecurity, network engineering, and command support functions, the USAFCENT NOSC plans, engineers, installs, integrates, operates and maintains, protects and manages enterprise-wide network and systems architecture, infrastructure and services; and provides enterprise-level oversight to its subordinate and supported communications support activities.

Candidates will be working at Shaw AFB, SC and/or Lackland AFB, TX. Frequent temporary duty (TDY) and/or deployment travel to OCONUS locations in the USCENTCOM AOR is required to support sustainment, site surveys, installations, upgrades, integration, testing, troubleshooting and other mission-related requirements.

The candidate for this position provides solutions to a variety of technical problems of moderate scope and complexity where analysis of situations or data requires a review of the variety of factors through frequent use and application of technical standards, principles, theories, concepts and techniques.

The Counter Access Team:

  • Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.

  • Conducts risk and vulnerability assessment at the network, system and application level.

  • Conducts threat modeling exercises.

  • Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.

  • Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.

  • Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.

  • Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions.

  • Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring.

  • Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards.

  • Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.

  • Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed.

  • May support cyber metrics development, maintenance and reporting.

  • May provide briefings to senior staff.

Specific duties for this position include, but are not limited to:

  • Contractor shall monitor network traffic to determine system vulnerabilities and required fixes; apply established network security procedures, log and make recommendations for correcting network security incidents; and coordinate the escalation of security issues requiring detailed analysis to Cybersecurity Analysts.

  • Build tactical and strategic network profiles for specific systems and complete network architecture.

  • Analyze network intrusion detection systems and conduct vulnerability assessments.

  • Utilize network intrusion devices and information assurance tools, including but not limited to, Internet Security Scanner (ISS), Cisco Security Agent (CSA), and other zero-day personal firewall and security agents.

  • Advanced Traffic Analysis. The contractor shall:

  • Provide an overall site-analysis profile to serve as a benchmark to identify unusual or suspicious activity.

  • Analyze live and historical data for events related to possible network infiltration.

  • Maintain current knowledge on new vulnerabilities and exploits. Develop countermeasures (to include IDS/IPS signature development and correlation rule sets) to isolate, contain and prevent intrusive activities and secure USAFCENT/USCENTCOM networks.

  • Develop methods to identify, contain, log, and analyze intrusive activities and security vulnerabilities on USAFCENT networks.

  • Incident Response Analysis. The contractor shall:

  • Perform network traffic and host analysis to evaluate intruder activities using host and network-based monitoring systems. Correlate information gathered to provide effective methods to protect the USAFCENT domain. Ensure appropriate notification action is taken to reduce the risk to the USAFCENT networks.

  • Conduct network and computer forensics on suspected and confirmed compromised systems to determine the method of intrusion and corrective actions to be taken to prevent or detect similar future activities.

  • Develop methods to identify, contain, log, and analyze intrusive activities and security vulnerabilities on USAFCENT networks. Prevent intruders from accessing USAFCENT resources. Maintain current knowledge on new vulnerabilities and exploits. Develop countermeasures (to include IDS/IPS signature development and correlation rule sets) to isolate, contain and prevent intrusive activities and secure USAFCENT/USCENTCOM networks.

  • Maintain current knowledge on existing and new malware behavior and propagation characteristics. Maintain current knowledge on the anti-virus tools currently in use by USAFCENT/USCENTCOM. Develop methods to identify, contain, log, and analyze malware-based activities on USAFCENT networks.

  • Vulnerability Analysis and Assessments. The contractor shall:

  • Utilize the DoD-mandated vulnerability scanner to scan for vulnerabilities on the USAFCENT enterprise.

  • Vulnerability Assessment: Contractor shall use the vulnerability toolset to determine network and system security weaknesses and shortfalls. Research and coordinate vulnerability findings with Security Analysis to provide detailed fix actions.

  • Coordinate with other computer emergency response teams (CERTs) to ensure the latest known vulnerabilities are properly identified and corrected.

  • Manage and maintain control of network intrusion detection systems (IDS). Ensure end-to-end operations for network and information technology systems.

  • Perform security device/sensor maintenance, troubleshooting and fault isolation to ensure network connectivity to sensor equipment.

  • Establish VPNs between AF and USCENTCOM sites for protected communications; and access control lists to restrict unauthorized access to network resources.

  • Monitor network traffic to determine system vulnerabilities and required fixes; apply established network security procedures, log and make recommendations for correcting network security incidents; and coordinate the escalation of security issues requiring detailed analysis to Security Analyst.

  • Intrusion Detections. The contractor shall examine logs and information gained from network sniffers or protocol analyzers to determine if possible unauthorized access has occurred; identify, track and record suspected intrusions or actual security breaches; and detail analyses in written reports for legal use. Contractor may be required to provide oral or written findings and explanation of events for any legal actions associated with security breaches.

  • Schedule, coordinate and attend daily Theater Network Control Central Cyber Defense briefings.

  • Facilitate weekly Information Assurance teleconferences.

Bachelor's and two (2) years or more experience; Master's and 0 years related experience. In lieu of a degree, four (4) years of additional experience is required. In addition, the following certifications and skills are required: CEH, MCSA, Firewall, Network CE, and ITIL Foundation.

