Senior Computer Network Defense (CND) Engineer (IT/CSWF: Cyber Defense Infrastructure Support Specialist)

Clearance Requirement: Top Secret/SCI and willing to take a CI polygraph

 

Position Description:

The Senior Computer Network Defense (CND) Engineer tests, implements, deploys, maintains, reviews, and administers the hardware, software, and documentation required to support the CND capabilities. This may include, but is not limited to, Splunk, Security Information and Event Management (SIEM) products, and vulnerability scanning tools as deployed within hosted Information Systems. Develops and manages the tools, tactics, and techniques that will be used to monitor the network to actively remediate unauthorized activities (dashboards, queries, scan policies, etc.). Develops and maintains system documentation as it pertains to CND capabilities and their implementation (CONOPs, SOPs, etc.).

Provides reports as needed for the health, wellness, and availability of CND tools within hosted information systems and addresses any issues in a timely manner.

 

Position Qualifications:

· Shall have 7 or more years of experience in implementing and maintaining CND technologies on a multi-platform (Windows, Red Hat, etc.) enterprise-grade WAN.

· Shall have 4 or more years of experience in implementing, maintaining, and operating a SIEM and/or vulnerability scanner product.

· Shall have 4 or more years of experience in maintaining and operating Red Hat Enterprise Linux servers.

Shall meet the Cyber IT/Cybersecurity Workforce (CSWF) Cyber Defense Infrastructure Support Specialist (521); Intermediate Level for SECNAV M-5239.2 compliance. (See the Navy COOL website.)

 

Education: Bachelor's degree from an accredited university; OR

 

Training: CYBR1005 Security Essentials; or CYBR1100 Network Traffic Analysis; or CYBR2100 Certified Ethical Hacker; or CYBR2400 Cyber Operator Training Course; or Hunt Methodologies Course (HMC); or Intermediate Cyber Core (ICC); or

NEC 742A Network Security Vulnerability Technician; or NEC H08A Advanced Network Analyst; or

NEC H10A Basic Cyber Analyst/Operator; or NETW 4001 Security Plus; OR

 

Certification: Certified Ethical Hacker (CEH); or GIAC Security Essentials Certification (GSEC); AND

 

OJT: NAVEDTRA 43469 Watchstation 302 - Information Assurance Technician Level II (Privileged User); AND

 

Continuous Learning: DoD requires 20 hours of Continuous Learning each calendar year. This requirement is in addition to any industry certification Continuous Learning requirement. [Note: DoD 20 hours annually. Industry certification Continuous Learning may be applied towards the DoD 20-hour annual requirement. However, not all DoD Continuous Learning hours can be applied to the industry certification Continuous Learning requirement; check with the certification agency on what may be accepted.]; AND

 

Operating System/Computing Environment Certificate: Operating System/Computing Environment (OS/CE) certificate of training, as dictated by Command Cyber IT/CSWF-PM; AND

 

Sign Privileged Access Statement: System Authorization Access Request (SAAR) with Privileged Access agreement as required by Local Command.

 

Desired Qualifications:

· 7 or more years of experience developing, maintaining, and operating Splunk or other equivalent SIEM product.

· 7 or more years of experience in developing, maintaining, and operating Tenable/ACAS or other equivalent vulnerability scanner product.

· 7 or more years of experience with Red Hat Enterprise Linux or other equivalent Linux product.

· 4 or more years of experience with evaluating technologies in accordance with DISA STIGs (Windows, Red Hat, Cisco, etc.) and providing applicable remediation guidance.

This position has been filled.