Leidos is seeking a Trend Micro Tipping Point specialist to support the DoD's JRSS (Joint Regional Security Stack) deployment activities, a multi-year, global effort to improve the DoD's security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing network security into regional stacks rather than locally distributed appliances. This position is located in Springfield, VA and may require up to 10% travel.
You must hold an active Secret Clearance to qualify and you must be eligible to obtain a Top Secret clearance as required by the program. Current IAT II 8570 Certification is required before beginning work on this program (Security+ce, CISSP). In this role, you will act as the senior support person for the JRSS Tipping Point implementation. In this capacity you will work as part of a multi-disciplinary team that supports the active and passive Computer Network Defense (CND) tools deployed in JRSS stacks. You will also integrate with other technical teams, with DISA personnel, with vendor technical support personnel, and with technical representatives from DoD services.
The successful candidate will be able to do the following Tipping Point tasks: Install and configure the tool (including any work that needs to be done on the underlying OS)Integrate the tool for RBAC services such as AD, LDAP, TACACS+Configure the tool to work with system health monitoring tools via SNMP for status Create and edit profiles appropriate for the customer environment. Create custom rules with the DB toolkit. Apply profiles to virtual segments. Understand filters with profiles and impact they have on performance. Monitor the tool's health and performance. Tune system parameters to enhance/improve system performance. Provide Tier 2/3 troubleshooting for Tipping Point issues, either within the tool or as part of an integrated team of professionals addressing larger issues. Assist other JRSS teams that perform lifecycle O&M on the tools by acting as tool expert. Configure, troubleshoot, and monitor Tipping Point event flows including the integration of Tipping Point data into a SIEM for use by cyber intrusion analysts. Provide "on the job training" to less experienced JRSS, DISA or DoD Services' team members. Act as the senior subject matter expert on the tool for interactions with other teams.
- Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 14 years or more of professional experience; or 12 years of professional experience with a related Master's degree or equivalent work experience in lieu of degree.
- Experienced with installing and configuring Tipping Point (including any work that needs to be done on the underlying OS)
- Experience with the integration for RBAC services such as AD, LDAP, TACACS+
- Experience with monitoring health and performance of Tipping Point.
- Experience with Tipping Point performance tuning Good written and oral communications skills and be able to appropriately present highly technical material to both technical and non-technical audiences.
- An ACTIVE DoD Secret clearance is required to work on this program. In addition, you must be able to successfully obtain up to Top Secret based on requirements from the customer and program .
- DoD 8570 IAT2 certification is required
- A good understanding of TCP/IP communications and Linux/Unix server construction, configuration, and maintenance.
- A general knowledge of router and firewall functionality on a network.Experience with SNMP and configuring Tipping Point for health monitoring
- Experience with developing custom rules with the DV Toolkit A good understanding of filters with profiles and the impact on performance.
- Prior experience as a network intrusion analyst or Security Operations Center analyst. Experience configuring and maintaining the tool in a multi-tenant environment.
- Experience with one or more of the other CND tools in the JRSS cyber suite: Fidelis DLP and MDE , SourceFire, ArcSight , Gigamon, Opswat, Inquest, Argus/Bro, ELK (ElasticSearch, Logstash, Kibana)
GSMO External Referral Eligible
External Referral Bonus:
Potential for Telework:
Clearance Level Required:
Yes, 10% of the time
Scheduled Weekly Hours:
Defense & Intel