Huntington Ingalls Industries Cybersecurity System IA / McAfee SME - 18966 in Kaiserlautern, Germany
Cybersecurity System IA / McAfee SME - 18966
Position Location Kaiserlautern, Germany
Requisition # 18966
# of Openings 1
HII-Mission Driven Innovative Solutions, Inc. (HII-MDIS)provides mission-critical engineering and technical service to Information Technology, Federal Civilian, and National Security, Aerospace & Defense and International government and commercial customers at over 100 locations worldwide.
HII-MDIS is currently seeking a Cybersecurity System IA / McAfee Subject Matter Expert (SME) to work out of their Kaiserslautern, Germany office.
The Cybersecurity System IA SME will provide cybersecurity support for all Warrior Preparation Center (WPC) networks. The Cybersecurity System IA SME will design, implement and maintain SIEM workflow using McAfee ESM & ELM infrastructure. The Cybersecurity System IA SME will monitor networks to actively remediate unauthorized activities and follow Security Technical Implementation Guidelines (STIGS) to baseline M&S/LCV systems and implement IA guidelines in accordance with the Risk Management Framework (RMF) as applicable. The Cybersecurity System IA SME will maintain system/network situational awareness and be prepared for the follow-on phase after RMF.
Duties and Responsibilities (to include but not be limited to the following):
Support the sustainment of the accredited cybersecurity posture of the WPC’s domain enclaves by actively tracking and maintaining each network’s cyber-vulnerability level and system compliance to applicable DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs).
Oversee and have knowledge of the operation and maintenance for Assured Compliance Assessment Solution (ACAS) systems and scan/report production processes.
Provide technical inputs for Cyber Vulnerability Management (CVM) and Risk Management Framework (RMF) Plans of Action and Milestones (POA&Ms) regarding remediation timelines or vulnerability mitigation to sufficient detail.
Identify, design and configure use cases/rules that address specific enterprise needs as well as evaluate existing SIEM standard content and use cases and adapt them to meet enterprise goals.
Develop and test new correlation content and use cases using SIEM filters, rules, data monitors, active lists, and session lists.
Develop and test new monitoring tools using SIEM active channels, dashboards, reports, and trends.
Monitor and maintain overall system health of the SIEM.
Identify opportunities to add-value to our managed security services.
Develop and coordinate the implementation of security counter-measures with the appropriate organizations.
Develop and recommend security policies, standards and configurations.
Designs and implements the system logic to detect security threats.
Provide system architecture design and planning for new SIEM/Log Management deployments in both hosted and cloud environments.
Integrate different log sources into SIEM services.
Provide recommendations for improvements on the existing set up.
Write new correlation rules & fine tune existing rules in McAfee ESM.
Provide security engineering to implement security controls and ensure these controls do not degrade performance and availability requirements needed to execute and sustain M&S/LVC exercises/events.
Report security findings and issues associated with the SIEM/Log Management suite to the appropriate Cybersecurity POCs.
The contractor shall provide M&S/LVC cybersecurity to include the following:
a. Collaborate with Cybersecurity POCs to address system security posture and log events.
b. Conduct and attend technical exchange meetings.
c. Review system architecture and RMF as well as their respective C&A documentation.
d. Document problem areas and provide recommendations for a resolution.
e. Conduct site visit follow-up on issues and resolutions.
f. Document recommendations for process improvements.
Review system alarms from the SIEM (e.g., documents) for accuracy and perform hands-on testing of system security features.
Conduct facility visits to observe the actual processes related to each IA control (technical, personnel, operational, or management in nature).
Utilize tools such as Retina and Nessus scanners, DISA System Readiness Review (SRR) and Gold Disks, and database and web server security test tools.
Qualifications and Experience:
Minimum 5 years data administration experience.
Understanding of DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.
Comprehensive knowledge of Physical Security principles, methods, and techniques.
Experience with ACAS, HBSS or Tenable Nessus vulnerability scanners necessary.
DOD 8570.1 IAT Level II Certification required.
Operating system certification required i.e. Microsoft Certified Solutions Expert and/or Red Hat Certified System Administrator.
- Familiar with McAfee SIEM suites, McAfee Endpoint Security, Microsoft Windows environment, UNIX, Linux, Hyperconvergence technology, VMWare, VDI zero client architecture.
All candidates will be subject to a pre-employment background investigation and drug screening per HII requirements.
Possess and maintain an active Secret clearance.
The selected applicant will be subject to a security investigation and must meet eligibility requirements for access to classified information.
Huntington Ingalls Industries is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected class.