Cybersecurity Engineer

Introduction

A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.

You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.

Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role and Responsibilities

Position Location: Radford, VA or Ft. Belvoir (5 days per week)

Position Overview:

This position is for a Cybersecurity Engineer supporting the Army Edge Computing Capability (AECC) project that ALTESS is fielding for the US Army in the Pacific Theater. The AECC solution is a hyperconverged, multitenant private cloud hosting environment for hosting Army enterprise and tactical applications. AECC is utilizing the full suite of VMware products (ESXi, vSAN, NSX, vCloud Foundations, ARIA Automation, Tanzu) to implement a Software Defined Data Center (SDDC). ALTESS provides value added common and managed services built on top of the VMware foundation, that hosted Army applications will require. ALTESS is a managed service provider (MSP) and hosting services provider for Army applications. ALTESS is a Product Director office under Program Executive Office Enterprise Information Systems (PEO EIS).

Position Duties:

• As part of the Cybersecurity Division - Cyber Incident Response Team, deploy, install, manage, and operate Security Information and Event Management (SIEM) solutions to include Splunk and/or Elasticsearch.

• Responsible for assessment of threats and vulnerabilities to organizational computing assets and developing/integrating rules, queries, and filtering techniques to produce meaningful risk analysis for responses.

• Coordinate with PD ALTESS team to ensure all devices and components report all relevant logs to the SIEM solution and perform troubleshooting and maintenance of assets.

• Monitor DoD and Army web application security standards and best practices as well as reported/disclosed vulnerabilities. Work with internal and external customers to track, remediate, and report compliance for disclosed vulnerabilities.

• Work with a team to review Army Cyber Tasking Orders (CTOs), determine applicability and response, and incorporate required changes.

• Validate technical security controls are in place for operating systems, applications, and network appliances, and recommend enhancements.

• Review proposed SIEM configuration changes for security impact.

• Work with technical and policy teams to implement, maintain, and monitor technical security configuration controls, including: STIGs, SRGs, and other industry security hardening guidance.

• Collaborate with internal and external parties to transform high-level technical objectives into comprehensive technical requirements.

• Interact with Army Cyber Security Service Providers and customer ISSOs/ISSMs on a regular basis.

Required Technical and Professional Expertise

Required Skills:

• Extensive experience implementing, tuning, and monitoring SIEM rulesets.

• Experience working with auditors, customers, and other stakeholders to develop meaningful alerts, dashboards, and reports.

• Strong understanding of common cyber threat patterns, indicators of compromise, and defenses.

• Strong understanding of Linux (preferred) and Windows Operating Systems.

• Working knowledge of DoD STIGs, and IA Vulnerability Management (IAVM).

• Strong verbal and written communication skills.

• Ability to work cooperatively as a member of a team.

• Ability to interpret and apply rules, regulations, and procedures.

• Ability to gather, analyze, and present facts.

• Basic understanding of DOD Risk Management Framework Assessment & Authorization (RMF A&A).

• Experience automating routine administrative tasks desired.

• Understanding of network, storage, server, and application technologies.

Must be able to obtain and maintain a Secret Security Clearance

Required Certifications:

• DoD 8570.01-M IAT level II certification is required.

• Resource must possess Baseline certification as defined in DoD Instruction 8570.01-M (generally Security+ CE).

• Computing environment qualifications for this environment include documented training or certification on Red Hat Enterprise Linux and Splunk Enterprise and/or Elasticsearch. Contractors have up to 6 months from appointment to the cybersecurity position to complete the computing environment requirement.

Preferred Technical and Professional Expertise

none