TS/SCI Cyber Tools Administrator

Job DescriptionOverview

We are hiring for a Cybersecurity Tools Administrator – Top Secret Clearance to support our government customer based in Springfield, VA. The position is required to be onsite and have an active TS/SCI clearance and the ability to obtain and maintain a Counterintelligence (CI) Polygraph.

Education:

Associate's degree from an accredited University; or

Certification:

CompTIA Security+ ce; or
GIAC Security Essentials Certification (GSEC); or
Systems Security Certified Practitioner (SSCP)

Security Clearance Requirements:

This position will require U.S. Citizenship and an active DoD Top Secret SCI clearance and have the ability to obtain and maintain a Counterintelligence (CI) Polygraph.

Responsibilities

The Cybersecurity Tools Administrator is responsible for implementing and maintaining the Directorate's cybersecurity toolsets, such as endpoint security solutions (ESS), malware protection, network detection & response (NDR), and endpoint detection & response (EDR). The Cybersecurity Tools Administrator is responsible for the following activities:

• Configuring, troubleshooting, and maintaining the hardware and software required to effectively manage cybersecurity toolsets across a global WAN.
• Developing and maintaining systems documentation as it pertains to endpoint and network security capabilities and their implementation (CONOPs, SOPs, etc.).
• Building tuning rules, alerts, and response activities that detect and mitigate perceived threats within the operational environment.
• Monitoring, analyzing, and escalating indicators of compromise or anomalous activity identified via cybersecurity toolsets.
• Developing reports and providing statuses on system health, wellness, availability and issue mitigation progress.

Qualifications

• Four or more years of progressive, hands-on experience as an engineer or administrator responsible for Enterprise cybersecurity toolsets (for example: RedSeal, NetWitness, StealthWatch, Ivanti IDAC, DISA HBSS/ESS, McAfee ePO, Trellix, Elastic Security, SentinelOne Singularity, CrowdStrike Falcon, or Tanium XEM).
• Demonstrated hands-on proficiency and expertise in the following areas:
  • Engineering or administering a variety of IT devices, toolsets, and technologies, such as Windows OS, Linux OS, Cisco, Citrix, VMware, Active Directory, LDAP, DHCP, etc.
  • Understanding and applying industry-standard DoD/IC cybersecurity policies, standards, and frameworks such as MITRE ATT@CK, NIST, CMMC, etc.
  • Securing or operating systems compliant with DISA STIGs.
  • Excellent problem-solving and analytical skills with an ability to work both independently and as a team.
  • Excellent written, verbal, communication, presentation, and reporting skills.
• Shall meet the minimum credential requirements for a Cyber IT/ Cybersecurity Workforce (CSWF) position as defined in Section 6, Table 3.

Desired Qualifications:

• Demonstrated, hands-on proficiency and expertise in the following areas:
  • Conducting real-time system monitoring, threat analyses, incident response, or vulnerability management.
  • Administering malware protection and host-based security solutions, such as DISA HBSS, McAfee ePO, etc.
  • Administering EDR product solutions (e.g., Elastic, SentinelOne, CrowdStrike, Trellix, and Tanium).
  • Administering NDR product solutions (e.g., RedSeal, Ivanti, NetWitness, and StealthWatch).