Cyber Security Engineer

Overview

About Technica: 

At Technica Corporation, our goal is to provide exceptional professional services and innovative technology solutions that meet or exceed our customer’s expectations. We specialize in a wide range of advanced information technology solutions from Systems Engineering to Cyber Security, and from Software Development to Product Solutions. From our locations across the DC Metro area, Hampton, Virginia, and Huntsville, Alabama, we provide technological subject matter expertise, program management and business process knowledge as a trusted advisor in support of our Department of Defense and other Federal Agency customers.

Responsibilities

Technica is seeking a Cyber Security Engineer to support CAOC-X in Hampton, VA. The Cyber Security Engineer for the CAOC-X program is a recognized industry authority with advanced technical insight in multiple fields and disciplines. The complexity of work is state of the art, and the ideal candidate is directly responsible for implementing secure solutions and mitigating risks. This is not a management role but a Cyber Security role at the engineering level. The ideal candidate is comfortable working with various government and commercial organizations in team settings to establish secure, intricate solutions.

The ideal candidate has a deep understanding of Cyber Security Doctrine, DISA STIGS, and common Cyber Security best practices used across the AOC. The Cyber Security Engineer is a master collaborator with a deep understanding of the AOC WS customer events (including, but not limited to): tests and evaluations, operational and technical assessments, spirals, exercises and training, innovation activities, configuration management, Sandbox support requirements, cyber events, demonstrations, and experiments at Langley AFB, VA.

Duties & Responsibilities:

• ACAS: Manage the Assured Compliance Assessment Solution (ACAS) to identify and mitigate vulnerabilities. Configure and maintain ACAS tools. Perform regular scans and analyze results to identify vulnerabilities. Collaborate with IT teams to remediate identified issues.
• Tenable Security Center and Nessus Scanners: Responsible for Tenable Security Center and Nessus Scanners implementation, configuration, and operation. Conduct vulnerability scans and analyze findings. Develop and implement remediation plans for identified vulnerabilities.
• HBSS/ESS/ePO Trellix: Ensure that the Host-Based Security System (HBSS), Endpoint Security Solutions (ESS), and Trellix ePolicy Orchestrator (ePO) are implemented appropriately to enhance overall security. Configure and manage HBSS, ESS, and ePO Trellix. Monitor and respond to security alerts and incidents. Implement security policies and ensure compliance with organizational standards.
• System Security: Deep understanding of Active Directory infrastructure, including designing, implementing, and auditing AD structures for optimal security; overseeing DNS to ensure reliable and secure name resolution services; ensuring the security of DNS servers and zones; monitoring performance; and implementing security measures to protect against threats. Proficient in managing and securing LINUX and Windows clients and servers, as well as IPS/IDS, routers, and firewalls. Provide Tier 3 support to the System Administration team, ensuring the highest level of expertise and problem resolution.
• Extensive experience with GPO Structures: Ensure that Group Policy Objects (GPOs) are managed securely across the environment. Manage GPOs to enforce security policies and configurations. Ensure GPOs are properly linked and applied within the organizational hierarchy. Conduct regular reviews and updates of GPOs to maintain compliance.
• DISA STIGs and SRG Compliance Specialist: Ensure systems and applications comply with Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Conduct assessments and audits to verify compliance with STIGs and SRGs. Implement necessary changes to achieve and maintain compliance. Document and report compliance status.
• Active Directory: Manage, maintain, and secure the Active Directory infrastructure, ensuring optimal performance and security. Secure Active Directory structures. Perform regular audits and updates to ensure compliance with security policies. Troubleshoot and resolve issues related to Active Directory.
• Support the continuous requirements of CAOC-X’s RMF: Support the cybersecurity requirements of all enclaves supported by CAOC-X.
• Train and work across the CAOC-X team: Support current and future cybersecurity requirements.
• Recommend measures to improve system information security: Focus on all supported aspects of the OSC/AOC Weapon System, such as file access controls and software and physical safeguards.
• Participate in the review and evaluation of existing software procedures: Recommend improvements to processes that contribute to automated data processing security incidents and the associated reporting procedures.
• Ensure planned and actual software and equipment installations: Accomplish in accordance with applicable security policies and regulations.
• Advise CAOC-X Leadership on security policies and procedures: Provide training and mentoring to new personnel as required.
• Implement and maintain password controls and procedures: Maintain user access controls (physical, personnel, and software and information security).
• Recommend policies and procedures: Ensure security regulations and instructions are followed.
• Apply information security and information assurance policies, principles, and practices: Deliver, install, and maintain AOC Weapon System Software.
• Ensure network configuration changes and hardware installations: Comply with applicable security regulations and instructions prior to implementation.
• Provide trouble ticket management, coordination, and resolution: Support the escalation of Tier 2/3 tickets in support of the CAOC-X testing and operational requirements as needed.
• Work with System Engineers, Cyber Security, Configuration Management, System Administration, COMSEC, Network Engineering, Hardware, System Managers, and the Program Manager to meet the needs of the CAOC-X program.
• Assist with evaluation, administration, and monitoring of security authentication technologies.
• Serve as the CAOC-X focal point for all AOC Weapon System information security matters, including:
  • Risk analyses and creating, maintaining, and updating all applicable certification and accreditation packages in accordance with established timelines.
  • Assist the ISSM with conducting risk analyses, security tests, and security incident investigations.
  • Conduct system security evaluations, audits, and reviews to facilitate the gathering, analysis, and preservation of information and assets related to computer security incidents.
  • Support the development of system security contingency plans and disaster recovery procedures intended for implementation in the event of a natural disaster.
  • Support coordination with the C2 Configuration Management section to ensure all security issues are resolved prior to implementing any software changes or installations.
  • Perform information security tasks as required.

The position would be located at Langley AFB, VA. Work will be performed onsite at a government facility.

Requirements

• Active Top-Secret Clearance (candidates may start with a Secret Clearance and will undergo investigation for TS/SCI)
• Bachelor's degree in IT, IS, or CS, and/or equivalent education and experience
• Minimum of 5 years of experience supporting operational and daily support to maintain and manage various systems and networks
• Certifications or specific skills in: Windows OS, UNIX OS, ACAS, Linux, HBSS, and Cisco IOS
• CASP+, or CISSP or CEH, equivalent certification is required within 6 months of start

Desired

• Prior experience working on and a deep understanding of the AOC WS
• Strong communications skills

EEO

EQUAL EMPLOYMENT OPPORTUNITY

It is Technica's policy to affirmatively support Equal Employment Opportunity (EEO) for all qualified individuals without regard to color, gender, religion, creed, national origin, age, race, disability, gender identity, genetic information, sexual orientation, marital status, veteran status or any other characteristic protected by law. This policy covers all aspects of the employment relationship including recruiting, hiring, compensation, assignment, promotion, transfer, training, working conditions, employment longevity, retirement, employee benefits and termination.

Technica's EEO philosophy promotes equal employment opportunity throughout the organization. Any form of unlawful employee harassment based on the above mentioned characteristics is prohibited. Equal Opportunity Employer Minorities/Women/Vets/Disabled/Gender Identity/Sexual Orientation.