Must be a U.S. citizen; secret clearance required at start date.
Network Security Specialist II:
The Network Security Specialist II will support the ongoing Vectrus Cyber Security practice for the ACE-IT contract and customer. The Network Security Specialist will leverage Cyber Security processes and tools to architect and deliver end-to-end proactive cyber solutions, including technical implementation of incident and event management processes, workflow customization, ticketing, process automation, report development, dashboard creation, and system configurations. The Network Security Specialist is responsible for the development, operations, and maintenance of multiple network infrastructure systems, and needs a moderate to expert level of understanding of network engineering, routing protocols, switching, and firewalling. The process SME is also responsible for developing relationships with all key stakeholders, including customers, operations, engineering, and the service management office, to ensure that Cyber Security best practices are identified and fully assimilated into the customer environment.
MAJOR JOB ACTIVITIES:
- Develop, modify, build, implement, deploy and test intrusion prevention, intrusion detection, and firewall rules in alignment with client requirements utilizing change management best practices.
- Develop and maintain Access Control Lists on various security tool suites to ensure a proactive network defense posture.
- Responsible for providing technical and operational engineering support to functional users within the ACE-IT AOR for managing, monitoring and maintaining situational awareness of the networks and systems.
- Utilize the NOSC toolset to accurately analyze and report on the overall health of locally deployed networks and to determine network and system security weaknesses and shortfalls.
- Configure Cisco routers and switches to provide access control lists (ACL) and firewall configuration.
- Maintain advanced router access lists to limit access to and from specific routers on operational routers while maintaining normal WAN operations.
- Perform network incident analysis, recommend remediation steps and orchestrate available resources to respond in accordance with appropriate incident response plans.
- Analyze alerts as well as develop new triggers and reporting on an ongoing basis.
- Participate in interconnecting the SIEM tool with sources of network infrastructure data flows.
- Configure and manage security tools and network infrastructure devices in compliance with Department of Defense requirements while also ensuring continued compliance for all devices.
- Work with the security operations center team to ensure security devices/tools are configured properly to monitor, track, and analyze networks/systems for potential security violations while also assisting in all potential incidents.
- Provide information security subject matter expertise throughout the tasking and translate security requirements into technical designs/solutions.
- Work in close coordination with the Information Assurance team and SOC to appropriately resolve daily incidents.
- Work with the project team to help ensure customer data, company data, assets, and resources are secure in order to maintain a proactive security posture within the environment.
- Ensure staff are following customer, DoD, Army, and organizational policies and procedures.
- This position requires on-call availability for 24/7 coverage.
- Other duties as assigned.
MATERIAL & EQUIPMENT DIRECTLY USED:
- Desktop/Laptop computers, IA and CND software security applications
- Must comply with OSHA, EPA, Fire and Safety Regulations and published company work policies.
- Working environment will be in office environment/indoors and may extend into late hours.
- This position requires the applicant be able to travel up to 25% of the time.
- Individual should be able to lift up to 40 lbs. unassisted.
- Education/Certifications: One year related experience may be substituted for one year of education, if degree is required.
- Bachelor's degree in Information Security or IT related field
- At least 8 years' experience in Information Security.
- At least 4 years of experience in Network Security Administration.
- In depth knowledge of TCP/IP, routing, switching, intrusion detection/intrusion prevention systems, and a core understanding of DoD/DISA compliance methodologies/requirements.
- Intermediate experience with at least one of the following tool suites highly desired: FireEye, BlueCoat, BRO IDS, Cisco Web Proxy, or SourceFire IDS.
- Must be willing to travel; travel is infrequent and often less than two weeks if needed.
- Requires DoD 8140 (DoD 8570) standards as an IAT III position with one of the following certifications: GCIH, CISA, CASP, CISSP (or Associate), GCED.
- Requires industry certification in a network area, including but not limited to one of the following: CCNA, CCSA, Juniper, Firewalls, etc.
- Excellent relationship and team communication skills.
- Strategic and tactical mindset.
- Critical thinking and problem solving skills.
- High tolerance/evolved ability to lead and manage ambiguous situations.
- Excellent organization skills.
- Excellent verbal, written, facility and presentation skills.
- Collaboration and team leadership abilities.
- Effective time management skills.
- Ability to establish customer trust and confidence.
- Ability to travel within company and customer locations as needed within short notice.
- If the needs of the business dictate, perform tasks outside normally scheduled business hours.