Junior Infrastructure Security Operations Engineer

Description

Job Description:

Looking for an opportunity to make an impact? Join the Leidos Civil IT (CivIT) team in accelerating cybersecurity in a changing world where we make a difference by protecting critical networks for our government and commercial customers.

At Leidos, we deliver innovative solutions through the efforts of our diverse and talented people who are dedicated to our customers’ success. We empower our teams, contribute to our communities, and operate sustainable. Everything we do is built on a commitment to do the right thing for our customers, our people, and our community. Our Mission, Vision, and Values guide the way we do business.

Are you ready to challenge yourself with an organization that encourage & support career growth on an enterprise-wide scale? Your greatest work is ahead!

We are in search of an Infrastructure Security Operations Engineer, Junior to join our National Oceanic and Atmospheric Administration (NOAA) Cyber Security Center (NCSC) Security Operations & Engineering (SOE) team. As a Junior Infrastructure Security Operations Engineer, you will play a valuable part in supporting the NCSC’s mission to protect NOAA networks, computers, programs and data from cyber-attack damage and unauthorized access. You will perform a variety of assignments associated with managing and controlling computer information systems in a high paced environment. You will be part of a fantastic team working on multiple information systems in a high-demand setting ensuring the uninterrupted and secure day to day operation of the cyber security program.

If this sounds like the kind of environment where you can thrive while being challenged, keep reading!

Leidos Civil Group helps modernize infrastructure, systems, and security. We are a trusted partner to both government and highly regulated commercial customers looking for transformative solutions in mission IT, security, software, engineering, and operations. We work with our customers including the FAA, DOE, NASA, National Science Foundation, Transportation Security Administration, Custom and Border Protection, airports, and electric utilities to make the world safer, healthier, and more efficient. To explore and learn more about the Leidos Civil Group, click here!

Are you ready to make an impact? Begin your journey of a flourishing and meaningful career, share your resume with us today!

Primary Responsibilities Include:

• Provide technical services for the NOAA FISMA High system computers and networks used by the NCSC and ESOC to execute against their functions. This includes, but is not limited to, software patching and NIST 800-53rd high-impact security control configurations.
• Provide technical support for system upgrades, technical refreshes, or new builds per requirements set by the leadership team as well as functional leads
• Be a technical resource for individual projects when his or her knowledge and experience meet the requirements of the project group or task
• Provide critical incident response & problem management including root cause of system problems, such as configuration issues resulting in operational performance degradation or system outages, supporting the government with information and advice on the necessary correction actions and/or interim workarounds
• Provide onsite architectural and design, support, development, and administration
• Maintain knowledge of virtualization platforms, such as VMware vSphere, Red Hat Virtualization, Openstack, Docker Containers, etc.
• Provide Disaster Recovery recommendations/support for a Primary and Secondary site configuration
• Provide documentation support for designs, implementations, configurations, knowledge base articles
• Assist with security operations & engineering duties of backups, application maintenance, and OS patching, tuning, and troubleshooting
• Configure and manage Linux and Windows operating systems and install/load operating systems software, troubleshoot, maintain integrity and configures network components along with implementing operating systems enhancements to improve reliability and performance
• Provide support relative end-user issues regarding all services provided by SOE
• Support the project lifecycle for infrastructure projects
• Configure and validate secure systems
• With the guidance of higher level peers and functional leads, recommend system solutions ensuring proprietary/confidential data and systems are protected (i.e., system security upgrades, technical refreshes etc,.)
• Configure user access, end-user applications, and assist with other duties, as requested
• Adhere to Change Management process
• Must be able to multitask a variety of projects and tasks
• Provide on-call support for mission critical systems (rotational on-call)
• Develop detailed documentation to describe OS and COTS product deployment, configuration, upgrading, and maintenance for Change Management requests and Knowledge Content libraries
• With the guidance of higher level peers and functional leads, develop, configure, monitor & maintain Active Directory (AD) structure to ensure high availability and data consistency for AD objects, users, groups & organizational units; ensure AD is available for various authentication services used by users and/or equipment
• Develop and maintain technical documentation and diagrams related to the field communications systems equipment & networks
• Ensure documentation relative operational procedures, services, etc., are written and centrally accessible and updated as necessary
• Have strong communication skills and be a team player

Basic Requirements:

• B.S. in Computer Science, Computer Engineering, Information technology, or other Cyber Security field from an accredited university or less than 2 years of relevant experience. Additional years of relevant experience and/or technology certifications may be considered in lieu of degree.
• Experience with various operating systems (windows server, RHEL), patch management, and Active Directory
• Experience designing, implementing, and configuring systems infrastructure
• Experience providing O&M support to complex, mission-critical systems
• Experience working independently and collaboratively to troubleshoot and correct operational issues
• Experience working closely with customers and users to troubleshoot and resolve complex user issues
• Ability to work and brief customers to include senior management
• Knowledge of management of classified systems and the required security guidelines associated with secure facilities
• Experience with Information Assurance (IA) hardening and compliance, i.e. STIG & DSS compliance, documentation, etc.
• Must be able to support the daily maintenance, configuration, and security servers, workstations, and other network peripherals in a mixed Linux and Windows environment
• Must be able to work collaboratively with other system administrators, system engineers, and network engineers in a team environment
• Experience configuring, designing, implementing and troubleshooting with following technologies:
  • Dell PowerEdge R940 servers & iDRAC
  • Active Directory (AD), AD Certificate Services
• VMware Knowledge
  • vSphere 5.x/6.x
  • Site Recovery Manager
  • vSphere Replication
  • vCenter/Platform Services Controller
• Knowledge of RHEL 6/7/8
• Knowledge of Redhat Satellite 5.x/6.x
• Knowledge of scripting languages (PowerShell, PERL, Jscript, Unix Shell, Python, etc.)
• Strong organizational skills and ability to multi-task and successfully manage competing/changing priorities.
• Knowledge of key concepts in security management (e.g., Release Management, Patch Management)
• Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs
• Knowledge of new and emerging information technology (IT) and cybersecurity technologies
• Knowledge of specific operational impacts of cybersecurity lapses
• Knowledge of system life cycle management principles, including software security and usability
• Demonstrated experience in cyber security design, engineering and operations
• Knowledge of auditing and logging procedures (including server-based logging)
• Knowledge of basic system, network, and OS hardening techniques
• Knowledge of cyber threats and vulnerabilities
• Knowledge of cybersecurity and privacy principles
• Knowledge of file system implementations (e.g., New Technology File System [NTFS], File Allocation Table [FAT], File Extension [EXT])
• Knowledge of IT system operation, maintenance, and security needed to keep equipment functioning properly
• Knowledge of measures or indicators of system performance and availability
• Knowledge of physical computer components and architectures, including the functions of various components and peripherals (e.g., CPUs, Network Interface Cards, data storage)
• Knowledge of security implications of software configurations
• Knowledge of specific operational impacts of cybersecurity lapses
• Knowledge of virtualization technologies and virtual machine development and maintenance
• Ability to write and verbally communicate effectively to both technical and non-technical audiences
• Ability and drive to quickly learn new software and IT concepts
• Knowledge: Windows, Archer, ThreatConnect, FireEye, Tenable/Nessus, WebInspect, SCCM, VMWare, FreeNAS/Pure/NetApp storage, and PKI certificate management.

Preferred Experience, Skills, and Education:

• Cyber Security Training or Certification (ie Securty+, Network+, SPLUNK, FireEye)
• Knowledge of NIST SP 800 53 series or ISO 27000 series documents
• Windows 10 security best practices and configurations
• Understanding of advanced threat detection in an enterprise environment
• Understanding of malware families, their types, and the threat they pose
• Proficiency with Microsoft Windows administrative & troubleshooting tools
• Demonstrated experience performing cybersecurity analysis from an operations & engineering perspective
• Experience designing, developing, integrating, implementing, operating, and analysis of cybersecurity technologies
• Experience administering network & security appliances
• Experience with Splunk (preferred) or other SIEM platform

• Skill in troubleshooting and diagnosing cyber defense infrastructure anomalies and work through resolution
• Skill in conducting system/server planning, management, and maintenance
• Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
• Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system
• Skill in applying and incorporating information technologies into proposed solutions
• Skill in developing and applying security system access controls
• Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• Skill in independently making configuration updates to ensure system availability requirements
• Skill in system, network, and OS hardening techniques. (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.)
• Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, and high-stress situations
• Understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support

Clearance / Citizenship:

• Must be able to obtain and maintain security clearance, specifically DoD/Secret Clearance or TS/SCI (Interim Secret acceptable).
• US Citizenship is required

Location:

• Fairmont, WV

Pay Range:

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.