Join SAIC's Information Technology (IT) Support Services Team in the Network Operations and Security Center (NOSC) of the US Air Forces Central Command (USAFCENT) Communications Directorate (A6). This opportunity places you at the tip of the spear for Engineering, Operations and Maintenance, Cyber Security, and Defensive Cyber Operations supporting the warfighter in the Southwest Asia area.
USAFCENT is the air component of United States Central Command (USCENTCOM), a regional unified command. USAFCENT, in concert with its coalition, joint and interagency partners, delivers decisive air and space power on behalf of USCENTCOM for the security and stability of the Southwest Asia (SWA) region. The USAFCENT NOSC delivers cyberspace command and control (C2) superiority to the warfighter by engineering, implementing, securing, managing, operating and maintaining USAFCENT's Non-Classified Internet Protocol Router Network (NIPRNet), Secret Internet Protocol Router (SIPRNet), USCENTCOM Partner Networks (CPN-X), and associated C2 networks, systems and services.
The USAFCENT NOSC executes the full spectrum of IT services management and operations for USAFCENT networks 24 hours a day, 7 days a week (24/7), and is tasked by USCENTCOM to provide information assurance (IA) boundary intrusion detection and intrusion prevention for USCENTCOM components. Comprised of NOSC operations, operations support, cybersecurity, network engineering, and command support functions, the USAFCENT NOSC plans, engineers, installs, integrates, operates and maintains, protects and manages enterprise-wide network and systems architecture, infrastructure and services; and provides enterprise-level oversight to its subordinate and supported communications support activities.
Candidates will be working at Shaw AFB, SC and/or Lackland AFB, TX. Frequent temporary duty (TDY) and/or deployment travel to OCONUS locations in the USCENTCOM AOR is required to support sustainment, site surveys, installations, upgrades, integration, testing, troubleshooting and other mission-related requirements.
The candidate for this position provides solutions to a variety of technical problems of moderate scope and complexity where analysis of situations or data requires a review of the variety of factors through frequent use and application of technical standards, principles, theories, concepts and techniques.
Cyber Intelligence Analysis:
- Provides correlation and analysis of cyberspace incident reports derived from reliable sources, network sensors, vulnerability management devices, open source information, and industry/government-provided situational awareness of known adversary activities.
- Applies expert knowledge of Named Areas of Interest (NAI) and advanced persistent threats to review, analyze, and maintain the content of an indicator database to aid in the detection and mitigation of threat activity.
- Utilizes COTS/GOTS analysis tools and expert knowledge to provide threat detection analysis and monitoring, correlation, and prevention of cyber threat activity targeting the customer network. This task requires technical knowledge on the utilization of government and industry capabilities, best security practices, advanced log analysis, forensics, network monitoring, network flow analysis, packet capture analysis, network proxies, firewalls, and anti-virus capabilities. Additionally, this task requires technical knowledge of forensics analysis to determine adversary methods of exploiting information system security controls, the use of malicious logic, and the lifecycle of network threats and attack vectors.
- Must produce reports on the unique TTPs utilized and conduct incident handling/triage, network analysis and threat detection, trend analysis, metric development, and security vulnerability information dissemination.
- Must be able to assist the customer with developing metrics and trending/analysis reports of malicious activity and develop signatures for threat detection.
Specific duties for this position include, but are not limited to:
- Analyze cyber intelligence reports to determine correlation and applicability to network operations on USAFCENT networks.
- Analyze network intrusion detection reports and vulnerability assessments to evaluate security posture as it pertains to current operations and information security levels.
- Recommend security posture changes based on security analysis and changes in threat indicators.
- Develop reports and trend analysis of internal and external security activity and incidents.
- Provide on-shift training for both contractors and government personnel to include analysis interpretation and threat/event correlation.
- Track, document, and report all security related events, including, but not limited to, Discharge of Classified Information and Cross Domain Violations IAW USCENTCOM/USAFCENT policy.
- Coordinate and track Information Assurance Vulnerability Alerts (IAVA). Review and report USAFCENT compliance to USCENTCOM and develop Plans, Objectives, Actions and Milestones (POA&M) if unable to complete task.
Bachelor's and two (2) years or more experience; Master's and 0 years related experience. In addition, the following certifications and skills are required: CEH, Unix, MCSA, Firewall, Network+ CE, and ITIL Foundation.
Desired Qualifications:
ITIL 4 Foundation certification or any ITIL v3 Intermediate certification. Any equivalent CSSP-A certification, if not the certification listed above.