Sr. Cybersecurity Architect/Engineer
Fully Remote Remote Worker - N/A
Description

The Cybersecurity Engineering Support team leads enterprise cybersecurity technology design, implementation, and execution. Their initiatives include asset discovery and authorization, network protection services, and visibility services. This portfolio collaborates across the enterprise to enhance automated security services for assets, data, and the network, including endpoint protection, network security and infrastructure governance, enterprise certificate management, and web, email, and cloud security. In support of Cybersecurity Engineering, the subcontractor will provide expert technical assistance as needed and as described in the Statement of Work (SOW) for current and future cybersecurity systems.

Responsibilities

  • Responsible for architecture, design, and implementation of cloud security solutions and enterprise application migrations from on-premises infrastructure to the cloud.
  • Responsibility includes:
    Guiding the design and implementation of secure solutions and services across our business and IT support areas.
    Security architecture across a variety of applications or domains, including cloud computing, and assigned to projects/initiatives of large size, complexity, and risk.
    Driving successful configuration and implementation of security solutions to reduce risk.
    Developing actionable security blueprints, principles, models, designs, standards, and guidelines to ensure information technology architecture and support is consistent, usable, secure, and adds value to the business.
  • Lead special projects or investigations into specific technology or solution issues and shepherd research and piloting of new technologies.
    Serve as a point of contact for engineering efforts and have overall responsibility for the accuracy and integrity of the customer's private enclave while maintaining compliance with the customer's enterprise-wide architecture policies and guidelines.

Data Security Services: Cloud Security, Data Protection, Visibility, Analytics, and Automations

  • Implement and manage tools and services that prevent the accidental or intentional exposure or loss of sensitive data.
  • Provide protection for cloud services and other cloud assets from an attack detection, data exfiltration, and identity abuse perspective.
  • Deploy security solutions, on premises and in the cloud, across Microsoft, Google, AWS, and other cloud service providers as required.
  • Secure and protect data on premises and within cloud assets.
  • Use data collection, aggregation, and analysis capabilities to detect, analyze, and automate cyberthreat mitigation.
  • Utilize Operational Analytics Platform (OAP) tools to maintain optimal performance of the tools.
  • Participate in requirements gathering, solutions architecting, design and build of technology solutions to support CISO tools.

Asset Security Services: Asset Discovery, Asset Protection, Cybersecurity Orchestration and Automations

  • Implement solutions improving identification, documentation, authorization, and management of network-connected hardware and hosted software assets throughout their lifecycle.
  • Implement services facilitating multi-source data integration, custom inter-application orchestration, and proprietary application development.
  • Conduct asset visibility activities leveraging multiple public cloud environments, a large, geographically diverse, on-premises environment, and multiple fleets of mobile computing devices. 
  • Knowledge of, and ideally experience with, the unique requirements for resolving Internet of Things and Operational Technology asset discovery issues in addition to more common Information Technology assets.
  • Experience with the IT life cycle of commercial off-the-shelf and proprietary software and hardware, as well as systems administration (i.e., Microsoft Windows, Linux/Unix, cloud services, and network infrastructure devices).
  • Implement configuration and hardening standards, check compliance, and assess vulnerabilities of discovered assets. Experience doing this at a large enterprise.
  • Implement solutions that reconcile observed and authorized assets.
  • Assist with on-premises and cloud deployments of managed solutions.

Boundary Protection Services: Network Security, Web Security, Certificate Authority Operations, Network Infrastructure Governance

  • Continuously analyze network traffic using signature and non-signature-based solutions (both external boundary networks and internal networks).  
  • Implement Network Anti-Malware, Intrusion Detection and Prevention Systems, and Detonation Chamber capabilities as security solutions.
  • Develop secure architectures and cybersecurity technology solutions.
  • Planning, engineering, and deployment of technology solutions (including EDR/XDR, FW, NGIPS, SIEM). 
  • Monitor and interpret traffic analytics to help identify malicious traffic. 
  • Analyze and interpret raw data using Splunk and other analytic tools and statistical techniques. 
  • Certified in one or more of the following: Windows, CompTIA Network+, Cisco Certified Network Associate (CCNA), Cisco Certified Network Professional (CCNP), or Palo Alto Networks Certified Network Security Engineer (PCNSE).
  • Knowledge of security standards and best practices, including but not limited to: DISA STIGs, NIST 800, Cybersecurity Framework, and CIS Benchmarks.
  • Knowledge of enterprise infrastructure design requirements: Data center, Cloud (Azure, GCP, AWS, PaaS/IaaS/SaaS), Software defined networks/SASE, Trusted Internet Connections (TIC), Enterprise certificate authority/PKI operations, DNS/DHCP security, DDoS/WAF, Network access control, and Wireless network security. 
  • Implement, maintain, and troubleshoot bot protection, fraud protection, and Web Application Firewall/Content Delivery Network appliances across select customer applications and ensure their peak performance.
  • Implement and automate security to known externally facing applications.
  • Manage the Public Key Infrastructure and digital certificates for the enterprise. 
  • Provide infrastructure experience with one or more of the following, in any combination: IT Sys Admin, Server Admin, Networking, Active Directory/LDAP (Lightweight Directory Access Protocol), Unix/Linux or Virtualization and Access control administration.
  • Provide experience with certificate management tools (ideally Venafi, Microsoft CA and HSMs). 
  • Troubleshoot digital certificate issues. Enterprise experience with certificate authority/PKI operations.   
  • Utilize technologies that use TLS/SSL encryption (e.g., F5, Netscaler, IIS, Apache, WebLogic, WebSphere, etc.), Infrastructure IT (Systems Administration, Network Administration, Windows/Linux OS, Active Directory and/or Virtualization), and server virtualization technologies (VMware, Hyper-V).
  • Experience and familiarity with network discovery tools.
  • Utilize scripting (e.g., Python, PowerShell). 
  • Utilize Firewall Rule Optimization services to eliminate unauthorized access and exposure to Mail Processing Equipment (MPE) and other assets.
  • Provide support to a nationwide implementation of firewalls (Validate, test, and manage firewall rules).
  • Experience with network firewalls and rule configuration for Cisco devices. 
  • Develop and document procedural guides, SOPs, and process flows. 
  • Contribute to the improvement of processes, reduction of risks, enhanced controls and/or improved customer satisfaction. 
  • Demonstrable awareness of Splunk reporting (preferred).  
  • Demonstrable knowledge of and engineering for Windows, Unix, and Cisco

Requirements

  • Advanced knowledge of fraud detection techniques and tools
  • Proven analytical and problem-solving skills 
  • Experience and familiarity with data analysis tools/software (e.g., SAS, SQL, etc.) and coding
  • Security device management
  • Traffic and log analysis
  • Strong understanding of TCP/IP, UDP/IP, DNS, DHCP
  • Knowledge of TCP, understanding network, protocol, and application traffic flows
  • Ability to troubleshoot basic network issues including IPv6.
  • Proven ability to multi-task
  • Knowledge of best practices and IT operations in an always-up, always-available service
  • Manages time effectively.
  • Creative thinking skills
  • Detail-oriented personality.
  • Ability to maintain effective communication and working relationships with co-workers.
  • Works on high-visibility, or mission critical aspects of a given program, and performs all functional duties independently.
  • Oversees the efforts of direct reporting resources and/or is responsible for the efforts of all staff assigned to a specific job.

Education

  • A minimum of (20) years’ relevant experience.
  • A degree from an accredited College/University in the applicable field of services is preferred. Four additional years of relevant experience in lieu of a college degree is required. If the individual’s degree is not in the applicable field, then four additional years of related experience is required.

Additional Provisions:

  • Pass a client-mandated clearance process, to include drug screening, criminal history check, and credit check.
  • If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.  
  • All candidates must be a US Citizen. 
  • Candidate must have lived in the United States for the past 5 years. 
  • Cannot have more than 6 months’ travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)

Salary Description

$130,000-$150,000 based on experience