Trace Systems

Computer Network Defense Division Chief (+)

Job ID 
2017-2053
# of Openings 
1
Job Locations 
US-AZ-Sierra Vista
Posted Date 
10/2/2017
Category 
..

Overview

Trace Systems, headquartered in Vienna, Virginia, was founded in 1999 to support and defend our nation's security interests at home and abroad, whenever and wherever. We provide cybersecurity, intelligence, communications, networking and information technology services, systems, and solutions to the United States Department of Defense, Intelligence Community and Department of Homeland Security.

 

Job Title: Computer Network Defense Division Chief

 

Job Location: Sierra Vista, AZ

 

Security Clearance:  Secret

 

Certifications: Global Information Assurance Certification (GIAC) GISF (Information Security Fundamentals) or equivalent, and a CND-IS Baseline Certification. Any ONE of the following would qualify: CEH, CSA+, GICSP, SSCP

Job Responsibilities

Provides oversight and general instruction to the Computer Network Defense Division at Fort Huachuca. Responsibilities include:

  • Develop Intrusion Protection System/Intrusion Detection System (IPS/IDS) procedures; correlate and react to security events; perform first- and second-level triage; and forward suspicious activity to the DCO-D.
  • Use a Security Information Management (SIM) tool to aggregate approximately 13.6 million security events per day from multiple sources, which include Intrusion Protection System sensors, Intrusion Detection System sensors, and Primary Internet Exchange (PIX) Firewall, proxy, router, ePO servers, and server system logs. During the life of this contract, other sources may be Active Directory domain controllers and DNS servers.
  • Perform advanced systems administration for the enterprise CND sensor mission relative to platform architecture, configuration, lifecycle support, and technology refresh and infusion.
  • Develop and document disaster recovery procedures for USARCC-C managed CND systems, including IPS/IDS, system baseline tools (e.g., ESM), host-based systems and agents, server managers, applications, and remote management systems. Store written procedures in the USARCC-C Document Management System (DMS) database.
  • Perform daily backups, implement system upgrades, and verify system configurations, accounts, and passwords conform to baseline standards.
  • Coordinate with installation NECs or customer points of contact on sensor installation and troubleshooting. Maintain points of contact rosters for NECs or NEC-like entities that provide on-site technical support and update rosters as new information is received.
  • Monitor CND infrastructure assets for failures, performance degradations, or loss of security event visibility, and take corrective action to restore the system to full operation for real-time monitoring of security events.
  • Establish and maintain written procedures to set up, track, and document status and location of hardware and software for each baseline of sensors. Store written procedures in the USARCC-C Document Management System (DMS) database.
  • Maintain, update, test, and implement signatures and policies for each baseline of sensors managed by USARCC-C; changes must be approved through the established ITIL process.
  • Build, configure, and assist with implementation of newly fielded sensors that support USARCC-C CND missions.
  • Monitor all sensors and agents managed by the USARCC-C for security event analysis and response. Respond to a detected event and perform triage, ensure proper handling of the associated trouble ticket (TT), and process events according to the USARCC-C CND SOP and appropriate TTPs.
  • Maintain and update the triage database with current threat data and response methods.
  • Maintain and update SIM tool software rules for optimal detection of malicious or unauthorized activity.
  • Report system incidents and problems according to USARCC-C CND SOPs and service level agreements (SLA).
  • Validate security event information from the ITSM ticket which includes at a minimum event name, date, time, location, source IP address, destination IP address, source ports, and destination ports. Contact the responsible NEC if additional information is required.

Minimum Qualifications

  • 15+ years of related computer defense experience
  • GISF or equivalent as well as a CND-IS Baseline Certification (CEH, CSA+, GICSP, SSCP)
  • Must be able to listen to and understand customer expectations and concerns, and assure the customer that we are executing the project effectively

Education

  • High school education or equivalent

Security Clearance

  • Secret

To Apply: We invite you to put your talents to work by joining a growing team of dynamic professionals here at Trace Systems! Be part of a culture at our leading-edge company where you can achieve great things while fostering a satisfying and rewarding career progression. Please apply directly through the website at: www.tracesystems.com. #jointracesystems

 

For any additional questions or to submit any referrals, please contact dclement@tracesystems.com

Trace Systems is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
