Job ID: 199377
Location: SHAW AFB, SC, United States
Date Posted: Sep 9, 2019
Subcategory: Cyber Ops Center Support
Shift: Day Job
Travel: Yes, 10% of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: No
Join SAIC’s Information Technology (IT) Support Services Team in the Network Operations and Security Center (NOSC) of the US Air Forces Central Command (USAFCENT) Communications Directorate (A6). This opportunity places you at the tip of the spear for Engineering, Operations and Maintenance, Cyber Security, and Defensive Cyber Operations supporting the warfighter in the Southwest Asia area.
USAFCENT is the air component of United States Central Command (USCENTCOM), a regional unified command. USAFCENT, in concert with its coalition, joint and interagency partners, delivers decisive air and space power on behalf of USCENTCOM for the security and stability of the Southwest Asia (SWA) region. The USAFCENT NOSC delivers cyberspace command and control (C2) superiority to the warfighter by engineering, implementing, securing, managing, operating and maintaining USAFCENT’s Non-Classified Internet Protocol Router Network (NIPRNet), Secret Internet Protocol Router (SIPRNet), USCENTCOM Partner Networks (CPN-X), and associated C2 networks, systems and services.
The USAFCENT NOSC executes the full spectrum of IT services management and operations for USAFCENT networks 24 hours a day, 7 days a week (24/7); and is tasked by USCENTCOM to provide information assurance (IA) boundary intrusion detection and intrusion prevention for USCENTCOM components. Comprised of NOSC operations, operations support, cybersecurity, network engineering, and command support functions, the USAFCENT NOSC plans, engineers, installs, integrates, operates and maintains, protects and manages enterprise-wide network and systems architecture, infrastructure and services; and provides enterprise-level oversight to its subordinate and supported communications support activities.
Candidates will be working at Shaw AFB, SC and/or Lackland AFB, TX. Frequent temporary duty (TDY) and/or deployment travel to OCONUS locations in the USCENTCOM AOR is required to support sustainment, site surveys, installations, upgrades, integration, testing, troubleshooting and other mission-related requirements.
The candidate for this position must possess full knowledge of the job, and have complete acquaintance with and understanding of the general and detailed aspects of the job and their practical applications to problems and situations ordinarily encountered.
Cybersecurity Operations Controller:
Provides security monitoring of an assigned system, local area network or enterprise network.
Performs tuning of network and system sensors to obtain required security information.
Performs security event monitoring and generates reports of identified incidents.
Supports incident investigations, and provides incident handling.
May conduct security scanning and vulnerability and IAVA management.
Supports network security monitoring, and security tool monitoring.
May provide tuning and management of IT security systems and applications.
Senior SOC personnel may be assigned as watch or shift supervisors, providing reports to CIOs, CISOs or senior operational management personnel.
Specific duties for this position include, but are not limited to:
Conduct network security monitoring and intrusion detection analysis using the USAFCENT/USCENTCOM selected security tools, including but not limited to IDS/IPS, firewall, proxy, router, Microsoft Windows, Fidelis, and HBSS logs.
Research Net Defense (NetD) to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activities; enter event data into mission support systems according to operational procedures and reports to meet USAFCENT mission/tasking; and produce Suspicious Event Reports (SER) for suspicious traffic meeting established thresholds.
Track trends of authorized and unauthorized activity.
Correlate unusual and suspicious network activity across USAFCENT; and validate unusual network activity unique to a geographical region and sensor location.
Provide an overall site-analysis profile to serve as a benchmark to identify unusual or suspicious activity.
Update incoming crews on the latest suspicious traffic identified during the previous shift.
Provide focused network defense, tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named network defense/cybersecurity operations and exercises.
Assist in completion of network defense/cybersecurity statistical and trend data and operational event reporting when requested.
Possess the following skill sets: extensive knowledge of network firewalls, computer and server log analysis, computer network servers (DNS, proxy, e-mail, domain controller, file server, Active Directory) and analysis of server logs.
Maintain current knowledge on new vulnerabilities and exploits. Develop methods to detect and prevent intrusive activities utilizing this knowledge. Assist NOSC-Cybersecurity to develop countermeasures to isolate, contain and prevent intrusive activities and secure USAFCENT/USCENTCOM networks (to include IDS/IPS signature development and correlation rule sets).
Track, document, and report all security related events, including, but not limited to, Discharge of Classified Information and Cross Domain Violations IAW USCENTCOM/USAFCENT policy.
Coordinate and track Information Assurance Vulnerability Alerts (IAVA). Review and report USAFCENT compliance to USCENTCOM and develop Plans, Objectives, Actions and Milestones (POA&M) if unable to complete task.
AA Degree in related discipline and three (3) years related experience; or, High School and five (5) years related experience with relevant certification. In lieu of a degree, four (4) years of additional experience is required. In addition, the following certifications and skills are required: Security+ or CCNA – Sec, MCSA, MCP-Server (Cell only), Firewall, Network+ CE, ACAS, HBSS, and ITIL Foundation.
ITIL 4 Foundation certification or any ITIL v3 Intermediate certification. Any equivalent IAT-II certification, if not the certification listed above.
SAIC is a premier technology integrator, solving our nation's most complex modernization and systems engineering challenges across the defense, space, federal civilian, and intelligence markets. Our robust portfolio of offerings includes high-end solutions in systems engineering and integration; enterprise IT, including cloud services; cyber; software; advanced analytics and simulation; and training. We are a team of 23,000 strong, driven by mission, united by purpose, and inspired by opportunity. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $6.5 billion. For more information, visit saic.com. EOE AA M/F/Vet/Disability