Vulnerability Management Analysis

This job posting is no longer active.

Job ID: 199386
Location: SHAW AFB, SC, United States
Date Posted: Jun 2, 2020
Category: Cyber
Subcategory: Cyber Sec Analyst
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10% of the Time
Minimum Clearance Required: Secret
Clearance Level Must Be Able to Obtain: Secret
Potential for Teleworking: No

Job Description

Description

Join SAIC’s Information Technology (IT) Support Services Team in the Network Operations and Security Center (NOSC) of the US Air Forces Central Command (USAFCENT) Communications Directorate (A6). This opportunity places you at the tip of the spear for Engineering, Operations and Maintenance, Cyber Security, and Defensive Cyber Operations supporting the warfighter in the Southwest Asia area.

 

USAFCENT is the air component of United States Central Command (USCENTCOM), a regional unified command. USAFCENT, in concert with its coalition, joint and interagency partners, delivers decisive air and space power on behalf of USCENTCOM for the security and stability of the Southwest Asia (SWA) region. The USAFCENT NOSC delivers cyberspace command and control (C2) superiority to the warfighter by engineering, implementing, securing, managing, operating and maintaining USAFCENT’s Non-Classified Internet Protocol Router Network (NIPRNet), Secret Internet Protocol Router (SIPRNet), USCENTCOM Partner Networks (CPN-X), and associated C2 networks, systems and services.

 

The USAFCENT NOSC executes the full-spectrum of IT services management and operations for USAFCENT networks 24 hour-a-day, 7 day-a-week (24/7); and is tasked by USCENTCOM to provide information assurance (IA) boundary intrusion detection and intrusion prevention for USCENTCOM components. Comprised of NOSC operations, operations support, cybersecurity, network engineering, and command support functions, the USAFCENT NOSC plans, engineers, installs, integrates, operates and maintains, protects and manages enterprise-wide network and systems architecture, infrastructure and services; and provides enterprise-level oversight to its subordinate and supported communications support activities.

 

Candidates will be working at Shaw AFB, SC and/or Lackland AFB, TX. Frequent temporary duty (TDY) and/or deployment travel to OCONUS locations in the USCENTCOM AOR is required to support sustainment, site surveys, installations, upgrades, integration, testing, troubleshooting and other mission-related requirements.

 

The candidate for this position provides technical solutions to a wide range of difficult problems where analysis of data requires evaluation of identifiable factors, provides imaginative, thorough, and practicable solutions consistent with organization objectives, possesses complete understanding and wide application of technical principles, theories, and concepts in the field, has general knowledge of other related disciplines, and provides direction to employees according to established policies and management guidance.

 

Vulnerability Management Analysis:

  • Designs, tests, and implements secure operating systems, networks, security monitoring, tuning and management of IT security systems and applications, incident response, digital forensics, loss prevention, and eDiscovery actions.

  • Conducts risk and vulnerability assessment at the network, system and application level.

  • Conducts threat modeling exercises.
  • Develops and implements security controls and formulates operational risk mitigations along with assisting in security awareness programs.

  • Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access.

  • Researches, evaluates and recommends new security tools, techniques, and technologies and introduces them to the enterprise in alignment with IT security strategy.

  • Utilizes COTS/GOTS and custom tools and processes/procedures in order to scan, identify, contain, mitigate and remediate vulnerabilities, and intrusions. 

  • Assists in the implementation of the required government policy (i.e., NISPOM, DCID 6/3), and makes recommendations on process tailoring.

  • Performs analyses to validate established security requirements and to recommend additional security requirements and safeguards.

  • Supports the formal Security Test and Evaluation (ST&E) required by each government accrediting authority through pre-test preparations, participation in the tests, analysis of the results, and preparation of required reports.

  • Periodically conducts a review of each system's audits and monitors corrective actions until all actions are closed. 

  • May support cyber metrics development, maintenance and reporting.

  • May provide briefings to senior staff.

Specific duties for this position include, but are not limited to:

  • Install, configure, maintain, and manage the USAFCENT/USCENTCOM security devices, including but not limited to IDS/IPS, ArcSight Enterprise Security Manager, ACAS and associated Virtual Private Network (VPN) equipment/configurations; and assist in development and documentation of sensor processes and checklists.

  • Develop methods to detect and prevent intrusive activities utilizing knowledge. Assist NOSC-Cybersecurity to develop countermeasures to isolate, contain and prevent intrusive activities and secure USAFCENT/USCENTCOM networks (to include IDS/IPS signature development and correlation rule sets).

  • Monitor network traffic to determine system vulnerabilities and required fixes; apply established network security procedures and logs, and make recommendations for correcting network security incidents; and coordinate the escalation of security issues requiring detailed analysis to the Security Analyst.

  • Conduct network security monitoring and enterprise-wide vulnerability scanning with ACAS.

  • Research for interpretation and verification of scan operations.

  • Perform Patching of Red Hat Linux / Nessus scanner application / Tenable Security Center application.

  • Provide reports and metrics during contingency operations and in support of named network defense/cybersecurity operations and exercises.

  • Maintain current knowledge on new vulnerabilities and exploits. Develop methods to detect and prevent intrusive activities utilizing knowledge. Assist in developing countermeasures to isolate, contain and prevent intrusive activities and secure.

  • Review STIGs compliance quarterly for changes and implement.

  • Provide advanced traffic analysis.
  • Assist in completion of network defense/cybersecurity statistical and trend data and operational event reporting when requested.

  • Coordinate and track Information Assurance Vulnerabilities Alerts (IAVA). Review and report USAFCENT compliance to USCENTCOM and develop Plans, Objectives, Actions and Milestones (POA&M) if unable to complete task.

  • Track trends of authorized and unauthorized activity.

  • Provide incident response and analysis.
  • Maintain current knowledge on existing and new malware behavior and propagation characteristics.

  • Maintain current knowledge on the anti-virus tools currently in use by USAFCENT/USCENTCOM.

  • Develop methods to identify, contain, log, and analyze malware-based activities on USAFCENT networks.

  • Provide vulnerability analysis.
  • Utilize DoD mandated vulnerability scanner to scan for vulnerabilities on the USAFCENT enterprise.

  • Assist in providing reports and metrics as required by active duty, government civilians, and contractors.

  • Track USAFCENT vulnerability and patch compliance, and provide trending analysis.

  • Provide security device maintenance.
  • Support USCENTCOM operations by providing the capability to “omit” or filter sensor traffic and alerts reporting activity based on USAFCENT NOSC-Cybersecurity’s instruction that traffic does not need to be reviewed in a “real-time” operation by analysts.

  • Provide technical advice and assistance to the USAFCENT NOSC-Cybersecurity to resolve network issues and perform actions necessary to ensure IDS/IPS sensors are collecting and reporting network activity; and diagnose and resolve end user problems; and ensure the end users adhere to the proper security policies and procedures.

  • Conduct troubleshooting and fault isolation to ensure network connectivity to the sensor equipment. Establish VPNs between AF and USCENTCOM sites for protected communications. Maintain commercial off the shelf (COTS) and access control lists to restrict unauthorized access to network resources.

  • Contractor shall manage and maintain control of network intrusion detection systems (IDS). Ensure end-to-end operations for network and information technology systems.

  • Provide intrusion detection.
  • Examine logs and information gained from network sniffers or protocol analyzers to determine whether possible outside or unauthorized access has occurred.

  • Track and record possible intrusion or security breach from routine daily analysis for successful anomaly/intrusion identification, including writing detailed analysis for legal use.

  • Provide oral or written findings and explanation of events for any legal actions associated with security breaches.

  • Provide vulnerability assessments.
  • Use vulnerability toolsets to determine networks and systems security weaknesses and shortfalls.

  • Research and coordinate vulnerability findings with Security Analysis to provide detailed fix actions.

  • Coordinate with other computer emergency response teams (CERTs) to ensure the latest known vulnerabilities are properly identified and corrected.


Qualifications

Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience. In lieu of a degree, four (4) years of additional experience is required. In addition, the following certifications and skills are required: CEH, MCSA, Firewall, Network+ CE, ACAS, and ITIL Foundation.



Overview

SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. For ongoing news, please visit our newsroom. For SAIC benefits information, see Working at SAIC. EOE AA M/F/Vet/Disability
