Posted in

Systems Security Engineer – Infrastructure

Systems Security Engineer – Infrastructure

CompanyAnaVation LLC
LocationHuntsville, AL, USA
Salary$Not Provided – $Not Provided
TypeFull-Time
DegreesMaster’s, PhD
Experience LevelExpert or higher

Requirements

  • PhD or Masters Degree in related field or equivalent combination of relevant experience and education (Masters degree strongly preferred)
  • 9 years (minimum)
  • Must have experience with Microsoft Windows / Active Directory
  • Must have understanding of NIST 800 series publications and Federal Information Security Management Act (FISMA) Compliance.
  • Knowledge base in DNS, DHCP, LDAP, SMTP, NTP, and integration with infrastructure services to solve technical and functional issues.
  • Possess proficient understanding of networks, storage, and LAN/WAN systems and applications as well as their dependencies.

Responsibilities

  • Serve as a subject matter expert for information technology environments.
  • Ensure team completes assigned duties such as system administration, identity and authentication, information system security accreditation, data storage and backup, physical infrastructure maintenance, automation development, and Authority to Operate (ATO) for applications and systems.
  • Enhance system operations through the design, development, and sustainment of new and existing system functionality to support configuration management, automated building, automated testing, automated deployment, and automated monitoring and notification.
  • Create and maintain bare-metal and virtual machines with the appropriate distribution of Operating Systems and network configuration, using configuration management tools and automation wherever appropriate.
  • Provision/configure the required software onto servers, such as web servers and databases.
  • Evaluate, improve, and maintain information security throughout the IT infrastructure.
  • Monitor and correct server issues and process for failures and performance bottlenecks.
  • Manage and monitor all installed systems and infrastructure.
  • Write and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks. Mentor junior staff and ensure quality of technical support and contractual deliverables.
  • Build new baselines with the appropriate security and access controls to include DISA STIGS and required security controls.
  • Create and maintain network infrastructure for both bare-metal and virtual machines with the appropriate LAN, WAN, vLAN, SDN, firewall and load balancer configurations, using both OEM and third-party tools that include virtual network tools (NSX) and services.
  • Provision/configure the required networking for servers and applications.
  • Evaluate, improve, and maintain information security throughout the data center network infrastructure.
  • Monitor and correct network issues and create recovery processes for failures and performance bottlenecks.
  • Provide real time alerts for network problem issues and implement proactive solutions for future problems to include re-design or tech refresh.
  • Write and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks, such as automated provisioning of addresses and VLANS with Infrastructure as a Service (IaaS).
  • Develop, modify, implement security policies, procedures, and guidelines to safeguard systems and maintain compliance with applicable federal guidelines for system and information security.
  • Support the management of systems security infrastructure, including firewalls, intrusion detection systems, and security software.
  • Conduct monthly vulnerability scans, monthly Plan of Action, and Milestones (POAM) creation, implement patches, ensure controls are reviewed, adhered to, and modified as needed.
  • Meet regularly with stakeholder teams to coordinate responses to the vulnerabilities and risks identified in the scans and POAMs.
  • Support Government personnel obtain and/or maintain system Authority to Operate (ATO) status requiring compliance with the requirements set by the customer. All activities and documentation will be managed in Risk Vision, Xacta, and/or a similar system.
  • Act as a subject matter expert for all information and system security related matters, advising Government personnel of best practices/solutions and documenting all aspects of the security program.

Preferred Qualifications

  • Experience with VMWare vSphere 7
  • Experience with CISO Networking
  • Experience with Dell Server, and SAN Storage Hardware Experience
  • Familiarity with System Accreditation and Authorization and federal government ATO Processes
  • Experience Evaluating, Documenting, and Managing NIST 80053 Control Implementations
  • Experience with Governance, Risk, and Compliance (GRC) Tools (such as RiskVision, Xacta and JCAM)
  • Microsoft Windows Server Hybrid Administrator Associate
  • VMware Data Center Virtualization (VCPDCV)
  • Cisco Certified Network Professional (CCNP)
  • Certified Information Systems Security Professional (CISSP)