Leidos is seeking a Trend Micro Tipping Point specialist to support the DoD's JRSS (Joint Regional Security Stack) deployment activities, a multi-year, global effort to improve the DoD's security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing network security into regional stacks rather than locally distributed appliances. This position is located in Springfield, VA and may require up to 10% travel.
You must hold an active Secret Clearance to qualify and you must be eligible to obtain a Top Secret clearance as required by the program. Current IAT II 8570 Certification is required before beginning work on this program (Security+ce, CISSP). In this role, you will act as the senior support person for the JRSS Tipping Point implementation. In this capacity you will work as part of a multi-disciplinary team that supports the active and passive Computer Network Defense (CND) tools deployed in JRSS stacks. You will also integrate with other technical teams, with DISA personnel, with vendor technical support personnel, and with technical representatives from DoD services.
The successful candidate will be able to do the following Tipping Point tasks: Install and configure the tool (including any work that needs to be done on the underlying OS)Integrate the tool for RBAC services such as AD, LDAP, TACACS+Configure the tool to work with system health monitoring tools via SNMP for status Create and edit profiles appropriate for the customer environmentCreate custom rules with the DB toolkitApply profiles to virtual segmentsUnderstand filters with profiles and impact they have on performanceMonitor the tool's health and performanceTune system parameters to enhance/improve system performanceProvide Tier 2/3 troubleshooting for Tipping Point issues, either within the tool or as part of an integrated team of professionals addressing larger issuesAssist other JRSS teams that perform lifecycle O&M on the tools by acting as tool expertConfigure, troubleshoot, and monitor Tipping Point event flows including the integration of Tipping Point data into a SIEM for use by cyber intrusion analystsProvide "on the job training" to less experienced JRSS, DISA or DoD Services' team membersAct as the senior subject matter expert on the tool for interactions with other teams
EDUCATION & EXPERIENCE:
Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 14 years or more of professional experience; or 12 years of professional experience with a related Master's degree or equivalent work experience in lieu of degree. REQUIRED QUALIFICATIONS: Experienced with installing and configuring Tipping Point (including any work that needs to be done on the underlying OS)Experience with the integration for RBAC services such as AD, LDAP, TACACS+A good understanding of TCP/IP communications and Linux/Unix server construction, configuration, and maintenanceA general knowledge of router and firewall functionality on a network.Experience with SNMP and configuring Tipping Point for health monitoring Experience with developing custom rules with the DV Toolkit A good understanding of filters with profiles and the impact on performanceExperience with monitoring health and performance of Tipping PointExperience with Tipping Point performance tuning Good written and oral communications skills and be able to appropriately present highly technical material to both technical and non-technical audiences. An ACTIVE DoD Secret clearance is required to work on this program. In addition, you must be able to successfully obtain up to Top Secret based on requirements from the customer and program.DoD 8570 IAT2 certification is required
DESIRED QUALIFICATIONS Prior experience as a network intrusion analyst or Security Operations Center analyst. Experience configuring and maintaining the tool in a multi-tenant environment Experience with one or more of the other CND tools in the JRSS cyber suite: Fidelis DLP and MDE SourceFire ArcSight Gigamon Opswat Inquest Argus/Bro ELK (ElasticSearch, Logstash, Kibana) GSMO External Referral Eligible