Intrusion Protection Specialist, 2 (4098)

Company: OBXtek Inc.
Location: Gwynn Oak
Posted on: September 17, 2020

Job Description:

OBXtek is currently staffing for a--Senior--Intrusion Protection Specialist--2--to support SSA's--OIS/DSE division with--Intrusion Protection.--BackgroundOIS provides intrusion protection and vulnerability assessments of the Social Security Administration's Information systems at various inter-dependent levels. The assessment of the network's security is a crucial first step in providing intrusion protection. Additionally OIS provides remediation to security incidents. A key ingredient of this remediation is the recommendation of immediate corrective actions to systems known to have any security weaknesses or vulnerabilities.----Scope of TaskThe objective is to evaluate, identify and classify all anomalous traffic across SSA net and then to provide corrective action.In support of the task, the contractor shall perform activities such as those described in the sub-tasks below.--Sub-Task 1:--Intrusion Protection and Vulnerability Assessments--Purpose:--Provide intrusion protection and vulnerability assessments at all levels of the SSA computing enterprise including current SSA systems, SSA systems under development or scheduled for implementation.--Activities:Provide senior-level advisement to division management and adjacent staff related to Intrusion Protection and Vulnerability Assessments.Monitor Intrusion Detection System (IDS) sensors and infrastructure and other monitoring tools based on a schedule defined by SSA Management.Monitor vulnerability scanning infrastructure based on a schedule defined by SSA Management.Evaluate risk models developed by SSA and provide feedback to the Task Manager.Perform ad-hoc scanning as defined by the Task Manager.Develop scripts using UNIX shell scripting, Perl, PHP or Visual Basic for use in analyzing traffic patterns and anomalies.Deliverables:--The contractor shall post weekly updates of tasks and status based on these activities to the Security Operations SharePoint site in a shared Microsoft OneNote notebook.------Sub-Task 2:--Maintain Industry Awareness--Purpose:--Stay abreast of current exploits, techniques and critical changes in the area of Intrusion ProtectionActivities:Provide senior-level advisement to division management and SSA and contract staff related to Industry Awareness.Visit hacker, security related, other Government agencies and anti-virus vendor websites as well as security-related industry trade publications.Determine and document potential threats to SSA systems based on this research.Determine and document vulnerabilities in SSA systems based on this research.Recommend corrective action to systems known to have security weaknesses or vulnerabilitiesConceptualize red/blue team exercises as directed by the Technical Contact.Deliverables:--The contractor shall post weekly updates of tasks and status based on these activities to the Security Operations SharePoint site in a shared Microsoft OneNote notebook.----Sub-Task 3:--Evaluate Security Standards--Purpose:--Monitor the documentation and implementation of various SSA security standards and evaluate their effectiveness.--Activities:Provide senior-level advisement to division management and adjacent staff related to Evaluating Security Standards used by SSA.Recommend industry security best practices to integrate in to SSA security policies and procedures.Deliverables:The contractor shall post weekly updates of tasks and status based on these activities to the Security Operations SharePoint site in a shared Microsoft OneNote notebook.--Sub-Task 4:------Distinguish Non-Threatening Network Traffic from Authentic Intrusion Attempts--Purpose:--Enhance detection and reporting capabilities of SSA network security monitoring systems.--Activities:--Provide senior-level advisement to management and adjacent staff related to distinguishing non-threatening network traffic from authentic intrusion attempts.--On a daily basis, review data generated by firewall monitors, such as web server and firewall logs and other data sources as defined by the Task Manager that contain information on external or internal intrusion attempts.Perform daily tuning of SSA network monitoring systems.Perform daily validation of proper system settings and the application of the current version of system patches.Prepare Vulnerability Reports explaining identified vulnerabilities, potential for exploitation, at least 3 methods for mitigating the vulnerability and the cost associated with each remedy.Recommend corrective action if an authentic intrusion event occurs.Prepare a test plan, delivered via email, describing the approach for each plan task, time needed, tools that will be utilized, potential effects on production systems and a contingency plan should it adversely affect production system.Participate in security software activities: deployment, administration, provisioning, configuration, backup and restore procedures, documentation, policy setup, logging, patches, testing, and support.Deliverables:--The contractor shall post weekly updates of tasks and status based on these activities to the Security Operations SharePoint site in a shared Microsoft OneNote notebook.--Pagers and Laptops--The contractors will carry a communications device at all times and respond to calls.The contractors shall participate in on-call coverage via a rotated pager.QUALIFICATIONSAbility to obtain--Public Trust Clearance--10+ years of task-related experience.--Experience with anomaly-based and signature-based intrusion detection systems.--Experience with continuous diagnostics and mitigation, and endpoint detection and response technologies.--Experience with hands-on engineering, building, supporting, troubleshooting, and maintaining--security operations systems.----Experience with scripting.Company InformationHeadquartered in McLean, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is--Our People---Our Reputation.--Our people are trained professionals who enhance our customers' knowledge and innovation using technology, collaboration, and education.--We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more.--As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.--OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law.--Apply for this job onlineShare on your newsfeedEqual Opportunity Employer/Veterans/Disabled

Keywords: OBXtek Inc., Baltimore , Intrusion Protection Specialist, 2 (4098), Other , Gwynn Oak, Maryland