By Light Professional IT Services

  • Insider Threat Cyber Engineer

    Job Locations: US-MD-Suitland
    Posted Date: 1 month ago (11/14/2018 4:33 PM)
    ID: 2018-2523
    # of Openings: 1
    Category: Information Technology
    Clearance: TS/SCI
  • Overview

    Supports the Naval Intelligence Activity (NIA) in Suitland, Maryland. This position is contingent upon successful award of contract, and the duration is a one-year base period and two one-year option periods. Normal duty hours are Monday through Friday, 0900 to 1500 daily. Primary responsibilities include the development and management of an Insider Threat Detection Program.

     

    By Light provides a broad range of hardware, software, engineering, and IT integration services. Headquartered in Arlington, VA, we support defense, civilian, commercial, and health IT customers worldwide. We offer an excellent benefits package that includes: medical, dental, vision, life and disability insurance, paid time off, paid holidays, 401(k), and profit sharing.

    Responsibilities

    • Serve as a member of a Government-led Insider Threat – Fusion Cell Analysis Team, with a focus on information technology system design, development, integration/testing, implementation, and operation of an automated Audit/Anomaly Threat Detection technology.
    • Perform systems administration, operation, and maintenance of the automated Audit/Anomaly Threat Detection technology and its back-end databases.
    • Develop and execute comprehensive functional, regression, and performance test plans, cases, procedures and reports. 
    • Monitor the health and performance status of the automated Audit/Anomaly Threat Detection technology and its back-end databases, and generate reports as requested.
    • Keep the automated Audit/Anomaly Threat Detection technology and its back-end database configurations in sync with security approvals (e.g., Interim Approvals to Test (IATT), Authorization to Operate (ATO), etc.).
    • Configure, test, and install (manually and remotely) client agents used with the automated Audit/Anomaly Threat Detection technology.
    • Assess applicability of and, in accordance with Navy policy, test, configure, and install software and security updates and patches to current and future automated Audit/Anomaly Threat Detection technology.
    • Work with the Hopper Information Services Center (HISC) and other stakeholders identified by the Government to integrate, test, secure, and deploy current and future Government-provided automated Audit/Anomaly Threat Detection technology.
    • Ensure that policies/triggers and updates are applied to the automated Audit/Anomaly Threat Detection technology and client systems in accordance with Policy Control Board (PCB) direction.
    • Provide a weekly status report to the Government.
    • Work with the PCB to harden policies/triggers in order to prevent system tampering and to address network and host threats.
    • Configure asset groups to allow deployment of policies/triggers on a logical and meaningful basis.
    • Create new accounts, assign appropriate permissions, and disable inactive accounts.   
    • Configure notification and alerts as directed.
    • Coordinate hardware and software updates for the automated Audit/Anomaly Threat Detection technology with appropriate personnel to limit false positives and interoperability issues.
    • Collaborate and coordinate with vendors of the automated Audit/Anomaly Threat Detection technology to receive, test, and implement product updates and hotfixes.
    • Collaborate and coordinate with vendors of the automated Audit/Anomaly Threat Detection technology to resolve Tier II and Tier III issues on developmental and operational networks.
    • Provide documentation to support the installation, configuration, administration, security assessment and authorization, and disaster recovery of the automated Audit/Anomaly Threat Detection technology.
    • Collaborate with pillar leads of Information Assurance, Security and Counter Intelligence/Law Enforcement (CI/LE) to establish and configure Role Based Access Controls (RBAC) and Custom Views for consumption of data generated by the automated Audit/Anomaly Threat Detection technology, and develop policies/triggers for the automated Audit/Anomaly Threat Detection technology.
    • Assist in regular trigger refinement based on analysis of evolving anomaly event activities across the Navy SCI and SIPR network.
    • Capture, document, develop and provide a Lessons Learned document for the program. 
    • Assist in development of business processes and workflows (technical or functional), SOPs, and documentation.  Unless otherwise directed, the contractor shall use Government-supplied format. 
    • Serve as a subject matter expert, participating in meetings, working groups, system demonstrations, and conferences as needed.
    • Provide briefings and presentation materials, conference or meeting materials, technical memoranda, and administrative reports in support of this Task Order.
    • Provide the Government with a copy of all documentation developed in support of the Task Order.
    • Conduct the required support and respond to tasks within an amount of time agreed upon by the contractor and the Government Lead.
    • Work with multiple organizations within the Navy responsible for systems control, integration, testing, security, and maintenance, as well as appropriate privacy and legal authorities and external partners.

    Required Experience/Qualifications

    • Possess a Certified Information Systems Security Professional (CISSP) certification and/or a Security+ certification.
    • Possess knowledge of and experience in the development and management of Insider Threat Detection Programs.
    • Possess five (5) years of experience in one or more of the following areas:  system development, testing, integration, implementation, and/or operations and maintenance.
    • Possess one (1) year of experience in the configuration, testing (functional and security), installation, maintenance, and upgrading of the Raytheon user activity monitoring software used on the Navy and ONI Insight Anomaly Detection System (IADS).
    • Possess five (5) years of experience in the configuration, testing (functional and security), installation, maintenance, and upgrading of the Red Hat Linux Operating System (OS).
    • Possess five (5) years of experience in the configuration, testing (functional and security), installation, maintenance, and 1 year of upgrading of the Microsoft Windows 7, Server 2003/2008 and Linux OSs and their various Service Packs (SPs).
    • Possess three (3) years of experience in the development, configuration, testing (functional and security), installation, maintenance, and upgrading of Oracle 10g and later databases.
    • Possess three (3) years of experience in the development and modification of policy triggers for automated Audit/Anomaly Threat Detection technology.
    • Possess three (3) years of experience in the integration of information systems and data sources.
    • Possess three (3) years of experience in generating system health and performance reports. 
    • Possess experience briefing other team members and/or senior management on findings and recommendations for resolution.
    • Possess three (3) years of experience in the development of technical system installation, configuration, and administration documentation.
    • Possess three (3) years of experience in the development of architecture diagrams utilizing diagramming software such as Microsoft Visio.

    Preferred Experience/Qualifications

    • Knowledge of and experience in the use of security information and event management tools (e.g., HP ArcSight and McAfee ePO Host Based Security System, etc.).

    Special Requirements/Security Clearance

    • Clearance: Top Secret/Sensitive Compartmented Information (TS/SCI) tickets SI/TK/G/HCS//

    An Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
