SYSTEMS SECURITY ENGINEER (JBSA-21-0345-W):
Bowhead seeks a Systems Security Engineer to support the AFCERT DCO HAC contract in San Antonio, TX.
Systems Security Engineer conducts software and systems engineering to develop new capabilities, ensuring cybersecurity is fully integrated across the enterprise. The contractor employee shall conduct comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems. The contractor employee shall install, configure, troubleshoot, and maintain hardware and software, and administers system accounts. The contractor employee shall research and analyze the latest information security vulnerabilities, threats, exploits, trends and intelligence. Systems Security Engineers contractor employees shall be in close collaboration with DO and DM leadership to ensure tasks align with squadron requirements, priorities, and future initiatives. Systems Security Engineer contractor employees may be required to provide 24 hour coverage (work) for seven (7) days a week, 365 days a year with zero tolerance for error.
• Write and develop scripts to automate the system installation of required patches and configurations to remediated identified system vulnerabilities.
• Perform coding and development as required to augment default SIEM functionality and facilitate the intercommunications of various security controls.
• Develops basic new cybersecurity capabilities.
• Develop new and maintain existing Splunk, ELK or other search/analytics tool's knowledge objects (Saved searches, reports, dashboards, data models, event types, field aliases, field extractions, macros, lookups, tags) to alert on potentially malicious activity or fulfill compliance/policy requirements.
• Ensure critical data feeds and hosts are sending data.
• Develop, debug and maintain scripting languages.
• Create, install and test vulnerability fixes to Windows and Unix/Linux platforms.
• Assist/lead in conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture.
• Perform systems security engineering and test efforts associated with implementing security controls on networking devices, databases, operating systems, hardware, and software components.
• Develop vulnerability reports and investigation impact, resolution and verification of security vulnerabilities and patches; as well as, performing deep-dive and impact analysis into failed patch deployments.
• Develop and provide regular reports on patch management program and overall status of patch compliance.
• Perform and provide vulnerability assessment results and recommendations to the ESM Lead, and DO as necessary.
• Assess known systems vulnerabilities and verify system hardening and patching activities to ensure compliance with the most current applicable Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) and related checklists with no more than a 5% error rate.
• Document, implement and prioritize patching requirements across the AFIN/AFNet enterprise.
• Provide OJT to other contractor employees, military, and/or civilian personnel, and ensure continuity folders/working aids are updated at least once per quarter in order to ensure efficient transition when personnel rotate.
• Maintain currency on latest industry trends and provide operational reports/assessments for development of tactics, techniques, and procedures.
• Create, document, and report metrics for analysis to improve weapon system processes and mission execution.
• Support operational leaderships tasking as it relates to Systems Security Engineer functions and responsibilities
Bowhead seeks to network with qualified individuals relative to a potential opportunity, which is contingent upon award and not currently funded. Please click the link at the bottom of this posting to apply for consideration. Incumbent employees are encouraged to respond. No solicitations or third party applications will be accepted.
In accordance with Executive Order 14042: Ensuring Adequate COVID Safety Protocols for Federal Contractors, candidates should be aware that they may be required to have received or be willing to receive the COVID-19 vaccine by date of hire. All job offers in connection with a covered contract may be contingent upon providing proof of vaccination prior to your anticipated start date.
• More than five (5) years of relevant work experience, including experience in responding to security problems in target-rich environments, looking at security alerts, front-line analysis, and response.
• Proficient w/ Splunk Processing Language (SPL), ELK Lucene Query Syntax or other search/analytics tool.
• Proficient with programming/scripting fundamentals - including regex, C++, Python, RHEL, Unix Scripting, and Windows PowerShell is required.
• Understanding of SIEM "Search" Language & Lucene Query Syntax. Understanding of SIEM Dashboard, Reports, Lookup Tables, and Summary Indexes.
• Experience with SIEM Apps and ELK.
• Knowledge customizing Dashboards via the XML source.
• Experience with Python Scripting.
• Programming experience in Python, C/C++, Java, or Go.
• Demonstrated expertise with malware analysis, including investigations of botnet and root-kit behavior.
• Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, Cryptography). Network Security Devices (IDS/IPS, NGFW, WAF, NGAV). OSSEC, Snort, Suricata Experience.
• Experience with at least one SIEM i.e Alienvault, Logrhythm, Splunk, Qradar , ELK and Firewalls such as Fortinet, Sonicwall, and Palo Alto.
• Scanning technologies, Log collection and analysis tools (SIEM).
• Experience with Scripting/Programming Languages (BASH, Python, Java, etc).
• Extensive knowledge of MITRE ATT&CK framework, and its uses within the cybersecurity community (e.g., Open Source projects).
• BA/BS Computer Science, Computer Engineering, Computer Information Systems, Computer Systems Engineering or related degree preferred
• Must be able to travel on short notice
• IAT Level III CND compliance.
SECURITY CLEARANCE REQUIREMENTS: Must currently hold a security clearance at the Top Secret/SCI level. US Citizenship is a requirement for Top Secret clearance at this location.
Applicants may be subject to a pre-employment drug & alcohol screening and/or random drug screen, and must follow UIC's Non-DOT Drug & Alcohol Testing Program requirements. If the position requires, an applicant must pass a pre-employment criminal background history check. All post-secondary education listed on the applicant's resume/application may be subject to verification.
Where driving may be required or where a rental car must be obtained for business travel purposes, applicants must have a valid driver license for this position and will be subject to verification. In addition, the applicant must pass an in-house, online, driving course to be authorized to drive for company purposes.
UIC is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. In furtherance, pursuant to The Alaska Native Claims Settlement Act 43 U.S.C. Sec. 1601 et seq., and federal contractual requirements, UIC and its subsidiaries may legally grant certain preference in employment opportunities to UIC Shareholders and their Descendants, based on the provisions contained within The Alaska Native Claims Settlement Act.
All candidates must apply online at www.uicalaska.com, and submit a completed application for all positions they wish to be considered. Once the employment application has been completed and submitted, any changes to the application after submission may not be reviewed. Please contact a UIC HR Recruiter if you have made a significant change to your application. In accordance with the Americans with Disabilities Act of 1990 (ADA), persons unable to complete an online application should contact UIC Human Resources for assistance (https://uicalaska.com/careers/recruitment/).
UIC Government Services (UICGS / Bowhead) provides innovative business solutions to federal and commercial customers in the areas of engineering, maintenance services, information technology, program support, logistics/base support, and procurement. Collectively, the fast-growing Bowhead Family of Companies offers a breadth of services which are performed with a focus on quality results. Headquartered in Springfield, VA, we are a fast-growing, multi-million-dollar corporation recognized as one of the top 25 8(a) companies for government contracting.
Bowhead offers competitive benefits including medical, dental, vision, life insurance, accidental death and dismemberment, short/long-term disability, and 401(k) retirement plans as well as a paid time off programs for eligible full-time employees. Eligible part-time employees are able to participate in the 401(k) retirement plans and state or contract required paid time off programs.
Link to Apply:
#LI-JR1 UIC and its Family of Companies is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics EOE/AA/M/F/D/V. Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.Please view Equal Employment Opportunity Posters provided by OFCCP here .The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)