Solutions71 is seeking a Host Based Security System (HBSS) SME to support a Department of Defense customer. The customer requires communication & IT services to support its CCE (C2 systems, information management systems, mail/message systems, and security systems). This support includes systems, networks, and telecommunication engineering & administration, information assurance, computer network defense, and web portal & application development as well as supporting electronic key management, project management, portfolio & configuration management, enterprise architecture, and knowledge & information management. Customer mission areas include: Information System Management Services (ISMS), Information Technology Services (ITS), Information System Administration Services (ISAS), Knowledge, Information and Application Services (KIAS), Cybersecurity and Information Assurance Services (CIAS), and Information System Support Services (ISSS).
Specific Duties / Tasks (include, but not limited to):
- Oversee day-to-day Computer Network Defense (CND) Host Based Security System (HBSS) services and support information security technology disciplines and practices to ensure the confidentiality, integrity and availability of information assets in accordance with established standards and procedures.
- Install and maintain the HBSS components on the ePolicy Orchestrator (ePO) server and the managed servers and workstations, tuning the host intrusion prevention system (HIPS) in accordance with policy and guidance, monitoring the security health of the workstations and servers, updating detection signatures and/or access control lists based on vendor releases and/or intelligence reporting; maintaining cyber situational awareness by participating in working groups and attending meetings when HBSS representation is required (participation is limited to non-HBSS Support decision making activities); performing log analysis and event correlation to identify anomalous traffic. The contractor analyzes, interprets and recommends solutions for system shortfalls, discrepancies or improvements in technologies and security requirements, and provides official written recommendations on engineering solutions and complex trouble resolutions.
- Analyze and evaluate HBSS systems and recommend enhancements to their configurations, capabilities, IA aspects of major HBSS outages, and recommend remedial measures and Computer Network Defense (CND) trends in HBSS operations and infrastructure.
- Maintain Host Based Firewall Rule Sets and Host Intrusion Prevention Signatures (HIPS). Create and implement HIPS firewall rule sets for each system type including web servers, domain controllers, Structured Query Language (SQL) servers, workstations, kiosks and mobile platforms.
- Perform Incident Response, review/respond to alerts for every HBSS client (workstation and server) in the environment continuously. Deconflict false positive alerts and incorporate into existing firewall IDS/IPS policies throughout the architecture. Upon discovery of anomalous traffic, initiate incident response in accordance with the Cyber Incident Response Plan (CIRP).
- Provide a configuration management summary of changes to maintain and validate changes to each system baseline and an HBSS Baseline Report to track system status, module deployments, and event trends.
- IAW DoD 8570.01-M, must meet CSSP minimum qualifications.
- Five years of experience related to IA, IT, CND, or defensive cyberspace operations.
- Experience managing and administering HBSS Endpoint Protection Components (AntiVirus/AntiSpyware (AV/AS), Device Control Module (DCM), Host Intrusion Prevention System (HIPS), Rogue System Detection (RSD)), Management Components (ePO Management Suite, McAfee Agent, SIM Connector, Windows Server Update System), and Reporting Components (Asset Configuration Compliance Module (ACCM), Asset Publishing Service (APS), Rollup Extender, ArcSight, Operational Attribute Module (OAM), Policy Auditor (PAC)) as a global administrator for multiple sites.
- Experience identifying and applying all applicable security requirements (STIGs, orders and directives)
- Experience using Microsoft Office tools (Word, Excel, PowerPoint, Outlook, and Visio) in preparing analytical reports, information papers, and briefings for executive level recipients.
- Certified Ethical Hacker (CEH) certification is highly desired
- Must possess an Active Top Secret Clearance with SCI eligibility
Solutions 71, LLC offers a comprehensive benefits package that includes:
- Competitive pay
- Medical and Dental Insurance
- Life Insurance
- Short and Long Term Disability
- 401k Plan with company match
- Paid Time Off
- Training and Certification Reimbursement
- Tuition Reimbursement
Visit our website at www.solutions71.com for company information.
Solutions 71, LLC is an EOE/M/F/VET/Disability