View All Jobs

Countermeasures ESS Team Lead in Fairmont at General Dynamics Information Technology

Date Posted: 2/15/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Fairmont
  • Job Type:
    Other
  • Experience:
    Not Specified
  • Date Posted:
    2/15/2018
  • Job ID:
    2018-35901

Job Description

General Dynamics IT has an opening for a NOAA Countermeasures ESS Team Lead with strong communication and technical skills that will provide cybersecurity monitoring and situational awareness across the National Oceanic and Atmospheric Administration (NOAA) Enterprise Security Services (ESS) organization.  The NOAA ESS provides TIC Services, vulnerability scanning, and other security support services.  The TIC initiative is also a key driver in the White House’s Comprehensive National Cybersecurity Initiative in consolidating Internet Access Points across the Federal Government and provided a standard set of security services for each internet access point

  • Provide a number of operational security services for NOAA protect their data, networks, intellectual property and protect national level missions. Maintain the Web Gateway/proxy systems, which filter NOAA user web traffic for malicious URLs and content. Web Gateway blocks over three million potential malicious hits a week. This is a first line defense that prevents malware, viruses, and phishing exposure to NOAA systems and users. Web Gateway serves as a sensor to feed data into the Security Information and Event Management (SIEM) for SOC monitoring.
  • Maintain and administer NOAA's security scanner infrastructure.
  • Maintain the security functions of the TICAP including, but not limited to: Compliance with DHS, TIC 2.0 Reference Architecture, Packet Filtering, Proxy, Content Filtering, and Intrusion Detection and Prevention.

The candidate must be a US Citizen and be able to obtain Department of Commerce vetting clearance.

Specific roles & responsibilities for the position include but not limited to the following:

  • Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
  • Monitors and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
  • Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
  • Evaluates firewall change requests and assess organizational risk.
  • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
  • Assists with implementation of counter-measures or mitigating controls.
  • Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
  • Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
  • Prepares incident reports of analysis methodology and results.
  • Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
  • Serves as a technical team or task leader.
  • Maintains current knowledge of relevant technology as assigned.
  • Participates in special projects as required.

Candidates must be willing to submit resumes to be included in the final proposal submission. Employment is contingent upon contract award.

Job Requirements

  • 8-10 years of related experience in data security administration, including supervisory experience.
  • Certification(s) Desired: CISSP, GIAC GREM, GIAC GSEC, GIAC GCIH, GIAC GCFA, CCNA, CEH, MCITP, ENCE
  • Familiarity with the tasks and technology such as the following: Tenable Security Administration, Web Gateway Blocks and White listing, Nessus and TSC customer support, NOAA0100 Vulnerability Scanning, Network Flow Analysis, Packet Capture, Web Gateway/Antivirus inspection, Firewalling, Intersite Connectivity, Einstein packet inspection and flow analysis, Centralized Time sync, Packet distribution, Centralized logging and analysis, Security Log Collector, Security Log Retention, SIEM, VTC Management

Additional Desired Experience:

  • Five (5) years of experience in network security with a focus on computer forensics, static code reverse engineering, and advanced (packet) network analysis. Static code reverse engineering experience can be substituted by experience in similar skill in computer forensics, network analysis, mobile device forensics related to malicious code, network flow analysis, or other similar skill.
  • Three (3) years of technical task management and supervisory experience.
  • Demonstrated expertise in deploying and maintaining open source network security monitoring and assessment tools.
  • Experience writing contract deliverables such as Trend Analysis reports and Quarterly Status Reports.
  • Advanced knowledge of data security administration principles, methods, and techniques.
  • Effective supervisory skills.
  • Certification in one or more specific technologies.
  • Familiarity with domain structures, user authentication, and digital signatures.
  • Understanding of firewall theory and configuration.
  • Requires understanding of DHS/DoD policies and procedures, such as FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.

As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.

#HCSDCJ



WIIS14