Technical Task Order (TTO): Provide Tactics, Techniques, and Procedures (TTP), Tools, and Software Development, Integration and Test (SDIT) services for the IT enterprise systems engineering lifecycle of 1st IO CMD Networks and Mission Information Systems (MIS), including those networks/MIS designated for 1st IO CMD operations, mission deployments, training exercises and system development computing environments (CE). The work performed under this TTO gives the INSCOM/1st IO CMD the ability to deliver outstanding technical support and world-class technical delivery to several Brigade and Battalion-level Stakeholder Mission Networks, MIS, CEs, Mission Equipment and Engagement Platforms.
Assess Mission Assurance in support of IO Assessments (Blue Team Operations)
2) Provide certified and experienced vulnerability assessment analysts to conduct off-site system vulnerability, network architecture, policy and procedural, application, and system integrity reviews.
3) Provide certified and experienced vulnerability assessment analysts to conduct threat-based emulation and cyber red teaming against Army and DOD networks.
4) Assist with Development and Maintenance of CNSE Assessment Methodology, Tools, and Techniques
5) Perform protocol and input fuzzing in order to find vulnerabilities.
6) Perform analysis of disassembled code when source code is unavailable.
7) Develop exploits based on identified vulnerabilities.
8) Recommend fixes and mitigation for identified vulnerabilities.
9) Provide expertise of network security testing, server hardening, vulnerability scanning tools and penetration testing techniques.
Create/maintain adversary emulation tool-sets/development.
Contribute to technical and executive summaries of Blue Team missions.
Document tools, techniques, processes, and procedures.
To qualify for the Cyber Defense Engineer Position, the prospective candidate shall have the following minimum credentials/qualifications:
- TS/SCI Clearance
- Bachelor’s Degree (minimum) in the Area of Cybersecurity or Computer Science from an Accreditation Board of Engineering and Technology (ABET) accredited college/university program, or four (4) years of equivalent software development and architecture practical experience supporting the IC, the DoD, Federal Community or Commercial Industry;
- DoD 8140 (formerly DoD 8570) Certifications – Minimum IAT Level III at the time of hire (e.g., Certified Information Systems Security Professional (CISSP), CompTIA Advanced Security Practitioner (CASP), CISCO Certified Network Professional-Security (CCNP-Security), ISACA Certified Information Security Auditor (CISA), GIAC Certified Enterprise Defender (GCED), or GIAC Certified Incident Handler (GCIH)); in addition, the candidate must also possess at the time of hiring a CSSP Auditor certification (e.g., Certified Ethical Hacker (CEH), CompTIA Cyber Security Auditor+ (CySA+), ISACA Certified Information Security Auditor (CISA), GIAC Systems and Network Auditor (GSNA)).
- Cyber Defense Engineer Practical Experience - At least four (4) years minimum of practical, hands-on experience and in-depth knowledge in the following technical areas –
o Network/MIS Hardware (HW) and System Configuration of Firewalls, Servers, Layer 2/3 Switches, Routers;
o NESSUS – Vulnerability Scanner for Information Assurance Vulnerability Management (IAVM);
o Network Architecture Fundamentals and Core Network Device/Appliance Functions (e.g., Servers, Routers, Switches, Firewalls, VMs);
o Practical working experience and knowledge of System, Security, Activity Audit Logs and/or Tier Security Information and Event Management (SIEM);
o Practical Penetration Testing Experience w/ Metasploit, Wireshark, BurpSuite, Nmap and SQLmap;
o Familiarity with Ports and Protocols Summary (PPS) and/or Port Security;
o Working knowledge of conventional and advanced information technologies used in either Commercial Industry or the United States Federal Government (USG), Department of Defense (DoD), and/or the Intelligence Community (IC);
- Experience with performing moderate to expert-level Technical Writing and performing technical reviews.
- Production of HW, Systems and Security Engineering Deliverables through the use of Microsoft VISIO – including technical documentation, white papers, artifacts and engineering work products (EWPs – e.g., Enterprise and System Architecture Documents such as Rack and Wiring Diagrams, Network Topologies)
- Offensive Security Certified Professional (OSCP), GIAC Global Industrial Security Professional (GISCP), GIAC Response and Industrial Defense (GRID) or GIAC Wireless Penetration Testing and Ethical Hacking (GAWN) is a plus.
Jacobs is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, religion, creed, color, national origin, ancestry, sex (including pregnancy, childbirth, breastfeeding, or medical conditions related to pregnancy, childbirth, or breastfeeding), age, medical condition, marital or domestic partner status, sexual orientation, gender, gender identity, gender expression and transgender status, mental disability or physical disability, genetic information, military or veteran status, citizenship, low-income status or any other status or characteristic protected by applicable law.
: United States-Virginia-Fort Belvoir-20361-VA45
: Nov 10, 2020, 1:45:55 AM
: Information Technology
Job Classification: Full-Time Regular
8825 Beulah St Nolan Bldg
Fort Belvoir 22060
Capabilities: Cyber Security