Bristol Bay Native Corporation
Lackland Air Force Base, San Antonio, TX, USA
Job Description
Posted Friday, May 9, 2025 at 5:00 AM

STS Systems Support, LLC (SSS) is seeking a Cyber Data Engineer to support our ongoing mission in Texas.

What You'll Do:
Write and develop scripts to automate the system installation of required patches and configurations to remediate identified system vulnerabilities.
Perform coding and development as required to augment default SIEM functionality and facilitate the intercommunications of various security controls. (CDRL A007)
Develop basic new cybersecurity capabilities. (CDRL A007)
Develop and maintain existing knowledge objects in Splunk, ELK, or other search/analytics tools (saved searches, reports, dashboards, data models, event types, field aliases, field extractions, macros, lookups, tags) to alert on potentially malicious activity or fulfill compliance/policy requirements. (CDRL A007)
Develop, debug, and maintain scripting languages.
Create, install, and test vulnerability fixes on Windows and Unix/Linux platforms.
Assist or lead conducting cybersecurity audits to ensure appropriate implementation and compliance of the security posture.
Perform systems security engineering and testing efforts associated with implementing security controls on networking devices, databases, operating systems, hardware, and software components.
Develop vulnerability reports and investigate impact, resolution, and verification of security vulnerabilities and patches; perform deep dive and impact analysis of failed patch deployments. (CDRL A008)
Develop and provide regular reports on the patch management program and overall patch compliance status. (CDRL A008)
Perform vulnerability assessments and provide results and recommendations to the ESM Lead and DO as necessary.
Assess known system vulnerabilities and verify system hardening and patching activities to ensure compliance with current Security Technical Implementation Guides (STIGs)/Security Requirements Guides (SRGs) with no more than a 5% error rate.
Document, implement, and prioritize patching requirements across the AFIN/AFNet enterprise. (CDRL A008)
Provide On-the-Job Training (OJT) to other contractor employees, military, and civilian personnel; ensure continuity folders/working aids are updated quarterly for efficient personnel transition.
Maintain currency on latest industry trends and provide operational reports/assessments for developing tactics, techniques, and procedures. (CDRL A002)
Create, document, and report metrics for analysis to improve weapon system processes and mission execution. (CDRL A009)
Support operational leadership tasks related to Systems Security Engineer functions and responsibilities.

What You Bring:
Must be a U.S. Citizen with an Active TS/SCI clearance.
More than 3 years of relevant work experience.
BA/BS or MA/MS degree.
Proficient with Splunk Processing Language (SPL), ELK Lucene Query Syntax, or other search/analytics tools.
Proficient with programming and scripting fundamentals, including regex, C++, Python, RHEL, Unix Scripting, and Windows PowerShell.
Over three years of relevant experience, including responding to security issues in target-rich environments, analyzing security alerts, and incident response.
Understanding of SIEM 'Search' Language & Lucene Query Syntax, SIEM Dashboards, Reports, Lookup Tables, and Summary Indexes.
Experience customizing Dashboards via XML source.
Experience with SIEM applications and ELK.
Experience with Python scripting and programming in Python, C/C++, Java, or Go.
Expertise in malware analysis, including investigations of botnet and root-kit behavior.
Familiarity with information security concepts (OWASP Top 10, CVEs, IoCs, TTPs, Cryptography), Network Security Devices (IDS/IPS, NGFW, WAF, NGAV), and tools like OSSEC, Snort, Suricata.
Experience with at least one SIEM (e.g., Alienvault, LogRhythm, Splunk, QRadar) and firewalls (Fortinet, SonicWall, Palo Alto).
Knowledge of scanning technologies, log collection, and analysis tools (SIEM).
Proficiency in scripting/programming languages such as BASH, Python, Java.
Extensive knowledge of the MITRE ATT&CK framework and its applications within cybersecurity.

SSS offers a competitive benefits package including paid holidays, sick and vacation leave, medical, dental, and vision insurance, flexible spending accounts, short and long-term disability, company-paid life insurance, 401(k) with company match, discretionary profit sharing, and tuition reimbursement.