At this time, we can only accept candidates with an active TS/SCI WITH A COUNTERINTELLIGENCE POLY GRAPH (US Citizen) and local to northern VA.

Responsibilities include, but are not limited to:

• Perform tasks and complete customer requests using the ServiceNow delivery platform.
• Resolve incident tickets issued through ServiceNow.
• On-board customer’s assets consisting of operating systems, applications and network devices in multiple enclaves.
• Participate in Beta-testing future enhancements to the Audit Enterprise system and provide valuable feedback.
• Assist the Program/Project engineers in testing and implementing future enhancements.
• Utilize, evaluate and update all engineer instruction sets and SOPs.
• Ability to learn and perform the testing of sophisticated Audit SIEM platform applications in a physical and virtual environment.
• Perform various Linux and Windows systems administration tasks related to the operational system.
• Verification and validation that the segments are operating as desired, audit events are being processed, metrics generation, and ensuring that all required systematic audit events are being accomplished.
• Operate and multitask in a dynamic high tempo environment.
• Perform the engineering, integration, and administration support required for successful delivery of capabilities and services to the operational baseline.
• Perform work duties in a government environment as part of a multi-contractor team.
• Facilitate the enablement, collection, and verification of customer data within SIEM tools.
• Develop SIEM search queries to support Enterprise Audit service requirements.
• Ability to learn custom audit solutions with flex connectors and regex parsing.

Position Requirements:
• Minimum Education: B.S. or relevant experience in related field.
• Minimum/General Experience: 2-5 years of related experience.
• Must possess the required DoD Directive 8570.1 IAT Level II or higher certification or ability to obtain within 6 months.
• The ideal candidate will be able to work independently and in team environments and be able to take on tasks quickly with minimal direction.
• Strong organizational, analytical, and troubleshooting skills with a high level of attention to detail are required to succeed in this diverse environment.
• Should be able to demonstrate understanding and appropriate application of DoD policy and technical security guidance to information systems.
• A good understanding of Linux and Windows systems administration, general operating system security practices, TCP/IP networking, and network security concepts is required.
• Familiarity with the Certification & Accreditation process is preferable but not required.

Desired Skills:
• Ability to learn and comprehend from provided training in an individual contributor and team capacity.
• Experience with Security Information and Event Management (SIEM) platforms, preferable NetWitness and ArcSight.
• Experience with Linux, Windows Server and workstations, Red Hat and CentOS.
• Cloud environment experience and/or certifications.
• Ability to modify feed creation to ingest customer logs in a standard format to meet policy requirements.
• Experience with creating custom parsers to ingest unique metadata into a standardized log format.
• Working knowledge of current COTS Cybersecurity technologies.
• Familiarization with other Enterprise security services Host Base Security Service, and Enterprise Vulnerability Scanning Service, and Enterprise Audit
• Ability to clearly articulate ideas for executive – level as well as technical staff consumption
• Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.
• Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

Clearance Requirement:
• Must possess an active TS/SCI w/ a CI polygraph.