Vacancy expired!
- Execute intrusion detection monitoring and incident response and management processes and procedures IAW DoD policy and USTRANSCOM direction
- Provide intrusion detection monitoring and incident management, to include installation, configuration, operation, and system administration of the GFE intrusion detection monitoring and incident management tool suite on-site 24x7 at Scott AFB
- Provide on-site support at locations other than Scott AFB on an as-needed basis and as directed by the government
- Use intrusion detection monitoring and incident management tool suite consisting of network and host-based sensors, log consolidation mechanisms, analysis platforms and other products that may be directed or procured
- Manage 24/7 schedules for the team
- Update and maintain all IDA program deliverable standard operating procedures quarterly
- Identify unauthorized activity against USTRANSCOM information systems and networks on NIPRNet and SIPRNet and initiate appropriate incident response actions
- Perform installation of intrusion detection monitoring and incident management tools IAW USTRANSCOM processes, including requesting/coordinating hardware/software procurement (including lifecycle upgrades); performing project management (e.g., with the government-provided requirements management tool and schedules); building and configuring systems to be Security Technical Implementation Guide (STIG) compliant; performing functional testing; developing system authorization/accreditation supporting documentation; requesting security evaluations and remediating findings; and performing operational deployment
- Perform the day-to-day mission execution of the intrusion detection monitoring and incident management and response activity
- Perform the day-to-day operation and maintenance of the intrusion detection monitoring and incident management tool suite
- Document changes to intrusion detection monitoring and incident management tools (e.g., software installs, patching, software configuration changes, etc.) in accordance with Change Management policies and provide configuration management data on all of its managed systems according to the schedule and format directed by the Government
- Desired skills include experience with cloud-based hosting environments
- In-depth knowledge of Splunk is desired
- Collect and provide the Government with monthly metrics on intrusion detection monitoring and incident management activity
- Maintain current documentation on intrusion detection monitoring and incident management processes and procedures and provide the following deliverable documents to the government IAW the assigned suspense dates