Peraton

Cyber Security Engineer at Peraton Fort Huachuca, AZ

Peraton, Chicago, Illinois, United States, 60290

Program Overview

About The Role

Secure Division Support. The GCC provides CSSP responsibilities and conducts DODIN Operations and DCO – Internal Defensive Measures (IDM) to protect the DODIN IAW the DoDM 8530.01 and the DoD Cybersecurity Services Evaluator Scoring Metrics (ESM). These responsibilities are broken into five CSSP functions: Identify, Protect, Detect, Respond, and Recover. GCC is responsible for conducting these functions for its assigned portion of the DODIN across both unclassified and classified networks/systems.

The division supports the protection, monitoring, analysis, detection, and response to unauthorized activity within the DoD Information Systems and Networks. DCO-IDM services defend against unauthorized activity on all Army assets on NIPRNet and SIPRNet. The division provides defensive measures to protect and defend information, computers, and networks from disruption, denial, degradation, or destruction. It manages sensors and analyzes network events, responding to threats.

Sensor management includes overseeing in-line NIPS/NIDS sensors monitoring all CONUS DoDIN-A NIPRNet and SIPRNet traffic to detect sensor outages and activities compromising network confidentiality, integrity, or availability. In coordination with GCC Operations, DCO initiates security procedures upon attack detection. Event analysis involves reducing cyber incidents to malicious threats and mitigating them per guidance from GCC leadership.

The role involves supporting CSSP services on NIPRNet and SIPRNet, developing reports, TTPs, SOPs, EXSUMS, trip reports, and point papers. Contributions also include preparing agreements, policies, and guidance documentation such as MOUs/A, SLAs.

The role also involves Defensive Cyber Infrastructure (DCI) support, including:

- Developing and distributing content from security platform vendors weekly and as needed.
- Creating in-house content based on tips from higher organizations and the Threat Hunt team.
- Providing content to tactical edge customers and developing TTPs.
- Consolidating data sources to assess threat status.
- Maintaining dashboards displaying key cybersecurity metrics and active incidents in near real-time.
- Updating and testing signatures and policies for sensors, with approval through the ITIL process.
- Developing signatures and policies for network- and host-based sensors, minimizing false positives, and validating syntax.
- Conducting development and testing on isolated networks, documenting procedures, results, and operational plans, with annual updates.

Qualifications

Basic Qualifications:

- 8 years with BS/BA; 6 years with MS/MA; 3 years with PhD
- Certifications: CISSP, GCIA, GCLD, GDSA, GICSP, GSEC, ISSAP, or ISSEP
- Active TS/SCI Clearance
- Ability to conduct vulnerability assessments and monitor networks supporting test and operational environments.
- Strong understanding of data transport, encryption, networking, IT systems, and cybersecurity fundamentals.

Salary and Additional Details

Target Salary Range: $66,000 - $106,000, based on experience and other factors.

EEO:

Equal opportunity employer, including individuals with disabilities and protected veterans, or other characteristics protected by law.