Cyber Engineer - HBSS

Job Title: Cyber Engineer - HBSS

Work Location: Peterson AFB, CO

Clearance: Current/Active TS+

Education: Bachelor's Degree is desired; or directly related job experience may be considered in lieu of a degree

Experience: 10 Years

Certification: IA Technician (IAT) Level II (At least one of the following certifications or training): Certified Information Systems Security Professional (CISSP) or CompTIA Security+ or GIAC Security Essentials or Certification (GSEC) or Security Certified Network Professional (SCNP) or System Security Certified Practitioner (SSCP)

Schedule: Monday Friday day shift

Travel: 5%

Salary: Commensurate with experience

Job Listing Number: CO16087

Contract Labor Category: Cyber Engineer Mid

Specific Duties: The services required for this position include supporting the Host Based Security System (HBSS) Engineering Support Element which develops HBSS engineering and analysis Concepts of Operation (CONOPs), Tactics, Techniques, & Procedures (TTPs), Standard Operating Procedures (SOPs) and Playbooks in support of Theater NetOps Control Center  (TNCC) Defensive Cyber Operations (DCO) and Department of Defense Information Network (DODIN) operations.  This position will formulate, develop, customize, and implement host-based intrusion detection/prevention signatures (IDS/IPS) based on cyber threat advisories, industry best practices, and known intrusion sets to support Cyber Discovery, Analysis, and Forensic Assessment operations.  Obtain and validate IDS signature/policy development required to identify, track, and monitor indications and warnings of anomalous network behavior on N-NC enterprise networks. Manage the customization and tuning efforts to operationalize the required HBSS modules within DCO and DODIN execution; support DCO and Forensics Analysts with incident management and response activities in relation to identified triggers and alerts. This position involves coordination with IT O&M's Network Operations Center for testing and implementation on N-NC enterprise networks.

The HBSS engineer will support DCO incident triage to include leveraging HBSS related data to assist in determining scope, urgency, and potential impact, lead HBSS event analysis processes and validates unknown behavior with the appropriate functional group through the appropriate tuning tools.  The position will research all information to assist DCO Analysts with identifying whether systems are under attack or functioning improperly; support countermeasure and course of action (COA) development activities, and support diagnosis of identified rogue systems and assist in de-confliction efforts to minimize false positive identification.  This work will provide regular reports to management to maintain situational awareness of HBSS-related events, coordinate with the IT O&M's NOC, Components, Subordinates and the Joint Cyberspace Center's Cyber Intelligence Branches.  Additionally, this work will collaborate and interact with the applicable Intelligence organizations to facilitate the sharing of HBSS related artifacts to including analysis reports, audit logs, and spreadsheets in support of DCO and DODIN execution. The HBSS Team will work closely with the Information Technology Operations and Maintenance (IT O&M) Branch, Command Cyber Security Branch, Network Operations Center (NOC) staff, and government leads. 

Qualifications:

• Recent IA/CND Operations Center (Ops Center) experience
• 3-5 Years of IA/CND operational experience preferred (e.g., DoD Information Network (DODIN), Defense Cyber Operations (DCO), NCC, etc.)
• Ability to work varying shifts, overtime, holidays, and weekends as required
• Strong Customer Communications Skills
• Ability to advise on network security and defense issues and enforce network security and vulnerability mitigation policies and procedures
• Demonstrated strong project management and organization skills, including the ability to draft clear and concise reports and to brief daily network security summaries and related issues and concerns to senior leaders and a larger audience
• Sound knowledge of management and monitoring of various network security components, devices and services
• Strong configuration knowledge of network security tools (e.g., Symantec Security Information Manager - SSIM, MacAfee Host Based Security System, Quest InTrust, etc.)
• Advanced understanding and in-depth knowledge of modern computer systems, client/server, LAN/WAN and Network concepts, modern network management and security monitoring concepts
• Knowledge of implementing Access Controls
• Knowledge of Patch Management
• Knowledge of Security Incident Response
• Experience in the management of Command and Control systems or other large corporate networks

Skills:  The work will require expertise, practical operational analysis experience, and technical support in:

• Operations of the Host Based Security System (HBSS) baseline, a flexible, commercial-off-the-shelf (COTS)-based application
• Working with N-NC J6 to ensure the HBSS solutions attached to each host (server, desktop, and laptop) in DoD are operational for data retrieval for addresses of known exploit traffic using Intrusion Prevention Systems (IPS) and host firewalls
• Performing monitoring, detecting, and through data retrieval, countering against known cyber-threats to Department of Defense (DoD) Enterprise
• Directing scans using Anomaly Detection Tool (ADT) or other relevant scanning capabilities available. Compile legible results interrupting the Symantec Security Information Manager (SSIM) software or equivalent capability and report/brief their findings using HBSS and other tools/capabilities available to validate Command IA policy)

To apply to this position please go to www.s4inc.com and click on Careers to complete and an employment application and to upload your resume.

S4 Inc. offers competitive salaries and a comprehensive benefits package with 401(k), and universal time off.  We are an Equal Opportunity Employer minorities/females/veterans/individuals with disabilities/sexual orientation/gender identity. S4 participates in the E-Verify employment verification program.  If you are looking for a challenging and rewarding position, then we invite you to submit your resume including salary history/requirements.  Candidate selected must be able to obtain and maintain the security clearance required by the contract at all times

If you are an individual with a disability or a disabled veteran, and need a reasonable accommodation to apply to a position, please contact Michelle Sweeney, HR Manager, by phone at (781) 273-1600 or by email at accommodation@s4inc.com

Current Openings for Cyber Engineer HBSS Jobs at S4 Inc.