The Cyber Security Sustainment Engineer coordinates and provides technical guidance and leadership to a group engaged in supporting technical computer system design and operations. Coordinates and reviews work of others for techniques, procedures, and technical approach. Reviews the building and/or debugging of hardware and software to identify and correct difficult problems using technically advanced, problem-solving skills. Develops, modifies, and maintains complex computer system procedures. Interprets and analyzes processing anomalies for computer systems and takes corrective action. Oversees all test and installation of network/system connections, configures and debugs network/system equipment. Prepares and critiques technical reports and memoranda. Assists management in defining computer system requirements and upgrades. Authorizes the selection of new computer equipment including hardware and software. Coordinates and schedules system upgrades and maintenance. Typically requires an AS degree in a computer field and 8 years of related experience. Progressive and relevant education, training, and/or certification(s) may be substituted for a portion of the degree and experience requirements.
• Provide 24/7/365 crew support to protect and defend NORAD-NORTHCOM (N-NC) NIPRNET and SIPRNET operations in Cheyenne Mountain
• Perform persistent monitoring of all designated networks, enclaves, and systems
• Collect and assess system logs, operational data, and other related system and network traffic
• Interpret, analyze, and report findings to the 21 CS Information Systems Security Officer (ISSO) and the operational crew commander in accordance with governing computer network directives, including initiating, responding, and reporting of discovered events
• Collect and report cyber metrics (to include CTO, TCNO or FRAGO directed requirements) to the 21 CS ISSO/Cybersecurity Lead
• When directed, execute operations in support of defensive initiatives
• Manage and execute first-level responses and address reported or detected incidents
• Associate’s degree with engineering or applied science focus with 2 years’ experience or 4 years’ equivalent experience without a degree
• Active TS/SCI clearance
• Must meet DoD 8140/8570 IAT Level II requirements (Security+CE, GSEC or similar)
• Possess, or be willing to obtain within 6 months of start date if not already possessed, an Operating System Certification for Microsoft
• General knowledge of physical computer components and architectures, including the functions of various components and peripherals, basic programming concepts, assembly codes, TCP/IP, OSI models, underlying networking protocols, security hardware and software
• Ability to explain, present, demonstrate (when applicable) and document the operational impact of a particular vulnerability or exploit
• Familiarity with NIST and DISA STIGs, and with conducting DoD vulnerability and compliance assessments
• Must be self-motivated with ability to perform 10- to 12-hour shifts with minimal supervision
• Experience with toolsets such as Wireshark, Splunk, Metasploit, tcpdump, Nmap, Nessus, Snort, Windows fundamentals, UNIX fundamentals
• Experience with Cyber Threats Detection and Mitigation, Behavioral Malware Analysis
• Experience with Advanced Network Traffic Analysis, Malicious Network Traffic Analysis
• Demonstrated ability to methodically analyze problems and identify potential solutions
• Ability to assist customer with implementing policies and tactics, techniques and procedures for conducting assessments
• Experience working with correlation environment tools (i.e., ArcSight)
Requires sitting for extended periods of time at a desk (90%). Requires sitting at a computer terminal for long periods of time (90%). Due to parking availability and the location of the work area, walking moderate to long distances can sometimes be required.
Inside office/cubicle environment. Requires ability to interact professionally with co-workers and all levels of management (100%).
Requires ability to operate a personal computer, a telephone, copier, and other general office equipment (100%). Ability to conduct evaluation of third and fourth generation or current state of the art computer hardware and software and its ability to support specific requirements, interfacing with other equipment and systems.
Attendance is critical. Work hours are normally 8 hours per day and 5 days per week, Monday through Friday. Being prompt is important to provide continuous and on-going service to customers. Attendance is important to maintain continuity of service. Work outside of normal duty hours may be required with as little as one-hour advance notice. Overtime is infrequent, but important when required (1%).
Must be able to communicate effectively, both verbally and in writing. Must be able to interface with individuals at all levels of the organization. Must be able to obtain unescorted access to work areas. Grooming and dress must be appropriate for the position and must not impose a safety risk/hazard to the employee or others. IAT Level II certification is required. The minimum of an interim Secret level DoD Security Clearance is required.