On contract award, Leidos will have an opening for an Information Assurance Technician III in Qatar. This is an exciting opportunity to use your experience helping the AFCENT Communications Technical Support Service IV mission. In this mission we ensure communications information is available to forward deployed forces supporting Operation Resolute Support and Inherent Resolve in South West Asia (SWA) and the continuing mission requirements of the Department of Defense (DoD).
The contractor shall provide cyber-security management support IAW AFI 17-130, Air Force Cyber Security Pro-gram Management, as defined in the individual TOs. The contractor shall coordinate all actions required by USAFCENT cyber security-related CTOs including, but not limited to, vulnerability scanning and patch compliance. USAFCENT Cyber Security oversees all vulnerability scans IAW SPIN-C. Cyber security tasks shall include:
a. Scanning: The contractor shall annotate remediation and mitigation actions on the vulnerability scan re-ports and return responses to USAFCENT Cyber Security to meet CTO compliance standards.
b. Patching: The contractor shall monitor and verify patch compliance using the approved technical solution (i.e., SCCM, Assured Compliance Assessment Solution (ACAS)) Information Assurance Vulnerability Alert (IAVA) compliance dashboards to track patching progress IAW patch compliance CTO requirements. Subtasks shall include:
1. Coordinate appropriate actions to ensure site systems are receiving patches and identify any patch installation issues.
2. Coordinate with local administrators to troubleshoot and elevate patching issues to NOSC engineers in a timely manner in order to meet patch compliance timelines. If automated patches are unavailable, such as with PMO systems, the contractor shall coordinate with PMO offices for manual patching of these systems to meet compliance levels IAW the CTO and SPIN-C requirements.
3. Develop a POA&M when CTO compliance cannot be met by the compliance date.
c. Review System Logs: The contractor shall review all system logs on a daily basis for indications of unau-thorized activity. Suspicious or abnormal log information shall be noted, escalated, and safeguarded IAW the SPIN-C.
d. Report and Contain Viruses, Malicious, and Negligent Activities: The contractor shall report virus out-breaks or suspected malicious activity IAW SPIN-C directives and instructions. The contractor shall take appropriate action to contain a virus outbreak or suspected malicious activity immediately; this includes updating virus signatures and possibly isolation of the infected system(s). A Remedy trouble ticket shall be opened for all virus outbreaks or suspected malicious activity.
1. The contractor shall report all Negligent Discharges of Classified Information (NDCI) or Cross Do-main Violations (CDV) IAW SPIN-C directives and instructions. The contractor shall take appropriate actions to contain and safeguard classified information from being further compromised. All NDCIs/CDVs and their respective reporting shall be classified to the same level as the information contained.
2. The contractor shall attend and participate in required NOSC Systems and Cyber Security meetings or teleconferences.
e. Security Information and Event Management (SIEM): The contractor shall monitor internal and wireless (if site is equipped with wireless) Security Information and Event Management (SIEM) systems and escalate any possible alerts to USAFCENT Cyber Security for investigation. The contractor shall attempt to identify the source and severity of activity and work with USAFCENT Cyber Security to contain, eradicate, or block the malicious activity. The contractor shall review all intrusion and SIEM system alerts, logs, and reports for false positives. The contractor shall identify all activity detected by working with site systems and networks to document the activity that is causing the alerts. The contractor shall then work with site and USAFCENT Cyber Security leadership to acquire approval to filter out these alerts.
f. Air Wireless Detection: The contractor shall monitor over-the-air wireless detection systems if site is so equipped for indications of malicious activity against wireless systems. The contractor shall attempt to identify the source of activity and consult with USAFCENT Cyber Security and site leadership on courses of action.
g. Wireless Audits: The contractor shall conduct wireless audits (war drives) IAW the SPIN-C to detect any unauthorized wireless devices connected to the site network. The contractor shall consult with site leader-ship and USAFCENT Cyber Security to identify the device and assist in any investigations as directed by leadership.
h. Network Compliance: The contractor shall review all site Access Control Lists (ACLs) and validate that permitted activity is relevant to current systems/network architecture and approved through USAFCENT Cyber Security leadership. The contractor shall audit all backup procedures IAW the SPIN-C to validate critical systems can be reconstituted after failure. The contractor shall review all network account access request forms for accuracy prior to account creation. The contractor shall be responsible for maintaining certifications as listed in the labor category. Certification will be included in the work center’s continuity book.
Must meet the certification requirement of DoD 8570.01-M or otherwise stated in SPIN-C or individual task order. The contractor is expected to have, but is not limited to, one or more IT certifications from each group:
Group 1: Information Technology Certification Requirements
- Microsoft Certified Master (MCM) – Microsoft Exchange/Windows Server
- Cisco Certified Network Associate
- Cisco Certified Network Professional (CCNP)
- CompTIA Linux +
- Linux Professional Institute Certification (LPIC)
- Red Hat Certified Engineer (RHCE)
Group 2: IA Technology Certification Requirements
- GIAC Certified Firewall Analyst (GCFW)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Windows Security Administrator (GCWN)
- GIAC Certified UNIX Security Administrator (GCUX)
- GIAC Systems and Network Auditor (GSNA)
- GIAC IT Security Audit Essentials (GSAE)
- GIAC Systems and Network Auditor (GSNA)
- GIAC Certified Security Consult ant (GCSC)
- GIAC Certified Incident Handler (GCIH)
Group 3: IAT Level II Requirements
- Global Information Assurance Certification (GIAC) Security Essentials Certification (GSEC)
- CompTIA Security +
- Security Certified Network Professional (SCNP)
- Systems Security, Certified Practitioner (SSCP)
Group 4: IAT Level III Requirements
- Certified Information Security Auditor (CISA)
- GIAC Security Expert (GSE)
- Security Certified Network Architect (SCNA)
- Certified Information System Security Professional (CISSP) or Associate
- Certification and Accreditation Professional (CAP)
- GIAC Information Security Fundamentals (GISF)
- GIAC Security Leadership Certification (GSLC)
- Certified Information Security Manager (CISM)
- Lead level of experience in IA technology or design, maintenance, and operation of small to medium networks. This experience must include administrating corporate or business’ user accounts managing mail servers, printer servers, WWW servers, and/or firewalls.
- Must have experience in reviewing and recommending software applications as well as identifying hardware salient characteristics and any add on devices.
- Experience in systems management, monitoring and sustainment; hardware repair for servers, PCs, peripheral equipment; software installation, maintenance and sustainment.
- Typically requires BS degree and 8 - 12 years of prior relevant experience or Masters with 6 - 10 years of prior relevant experience.
- May possess a Doctorate in technical domain.
- Requires an active Secret security clearance.
Must have lead level of experience working with the following:
- Tactical and strategic security issues of systems and networks, and associated requirements specific to deployed architecture
- Network security, network and systems intrusion detections, advanced devices, firewalls, and software specific to the Department of Defense
- Server operations including installation, configuration, optimization, and analyzing logs on Windows operating systems (including Server 2003/2007 and modern desktop versions)
- Cisco IOS, CAT OS, configuration of Cisco routers and switches
- Server operations including installation, configuration, optimization, and analyzing logs on Unix operating systems (including Linux and Solaris)
- Expert in all functions of both DoD 8570-defined IAT Level I and IAT Level II positions
Candidate must have a valid U.S. Passport that will not expire with 7 months from hire date.
External Referral Bonus:Ineligible
Potential for Telework:No
Clearance Level Required:Secret
Travel:Yes, 10% of the time
Scheduled Weekly Hours:40
Job Family:Information Assurance
Leidos is a Fortune 500® information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $10.19 billion for the fiscal year ended December 28, 2018. For more information, visit www.Leidos.com.
Pay and Benefits
Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here.
Securing Your Data
Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to email@example.com.
Commitment to Diversity
All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.