Job Description

Overview

Network Information Assurance specialist support Enterprise-class networks in the day-to-day operations in support of Computer Network Defense (CND), whose function is to deny adversaries access to information and information systems. The Network Information Assurance specialist is responsible for the operation and maintenance (O&M) of the technologies, to include, troubleshooting, optimization, administration, change management and technical documentation. The core network technology utilized is the McAfee Network Security Platform, which includes the Network Security Manager (NSM) and the physical Intrusion Prevention System appliances. Program: OMDAC-SWACA

Important Note: You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position.

This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program!

Responsibilities

+ Provide enterprise-level O&M support as part of the DoDIN Defense-in-Depth strategy. This includes ensuring the NSM stays viable in its reporting capability as well as understanding, identifying and resolving varied appliance disconnects. Additionally, analysts develop an understanding of current and future attacks which will assist in determining the difference between a bonafide attack, verified suspicious or nuisance reconnaissance, and normal network noise.

+ Perform blocking of Internet protocol (IP) networks when directed by the Government.

+ Monitor, operates, and maintain network-based Intrusion Prevention System (IPS) sensors.

+ Investigate possible network and Automated Information System (AIS) security events.

+ Generate reports and update trouble tickets as required.

+ Provide O&M support of the McAfee Network Security Platform (NSP), Network Security Manager (NSM) servers and IPS sensors (GUI and CLI).

+ Analyze stock IPS alerts on all enclaves to ascertain if the alert should be put into block status.

+ Create Access Control Lists (ACLs) (e.g. Firewall Policies) in the McAfee NSM for IP whitelisting.

+ Develop custom IPS signatures using McAfee and/or Snort rule format in response to a recent or potential intrusion; or in response to security research performed by members of the IPS team for preventative measures.

+ Perform in depth analysis using SIEM to include but not limited to: Reports, Queries, Active Channels, Active Lists, Integration Commands, Data Monitors, Dashboards, Filters, Correlation Development using Rules, etc.

+ Analyze potentially malicious traffic at the packet level using Wireshark.

+ Respond to potentially malicious installed files on remote hosts by pulling down files via remote desktop for analysis, discovering what services are running on the remote host via command line, etc.

+ Participate in CND exercises as requested by the Government to provide configuration and analysis of IPS alerts.

+ Elevated account management of RCC-SWA personnel including certification validation and Army Training and Certification Tracking System (ATCTS) utilization.

+ Utilize endpoint software to map software applications throughout the enclaves as well as to ensure appropriate versioning.

Qualifications

+ This position requires candidates to adhere to DoDD 8140.01. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification. The authorized certifications for this job title are listed as follows:

+ IAT Level: IAT III

+ BASELINE:

+ Cisco: CCNP Security

+ CompTIA: CASP+ ce: Advanced Security Practitioner

+ CompTIA: CySA+ ce: Cybersecurity Analyst

+ GIAC: GCED: Certified Enterprise Defender

+ GIAC: GCIH: Certified Incident Handler

+ ISACA: CISA: Certified Information Systems Auditor

+ ISC2: CISSP (or Associate): Certified Information Systems Security Professional

+ COMPUTING ENVIRONMENT (CE):

+ Cisco: CCIE: (Any)

+ Cisco: CCNP: (Any)

+ EC-Council: CEH: Certified Ethical Hacker

+ EC-Council: CHFI: Certified Hacking Forensic Investigator

+ EC-Council: CND: Certified Network Defender

+ Microsoft: Certified: Azure Security Engineer Associate

+ Microsoft: Certified: Azure Solutions Architect Expert

+ Microsoft: MCSA: Cloud Platform

+ Microsoft: MCSA: Windows Server 2012

+ Microsoft: MCSA: Windows Server 2016

+ Microsoft: MCSE: Core Infrastructure

+ Microsoft: MCSE: Productivity Solutions Expert

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.