Job Description
An exciting opening for you as our next Mid-level to Senior Systems Administrator to work in Bethesda, MD. Your job will be to bring together, linux (primarily) and windows systems administration, systems maintenance, and systems performance optimization. We are looking for someone who can demonstrate strong cross functional collaboration in areas such as, but not limited to, development, product, and QA in a dynamic and fast paced environment.
You will work closely with the Infrastructure, Integration, Development and Project management teams to improve the security posture of the program by minimizing threats and mitigating them appropriately: Key tasks include but are not limited to:
• Managing ACAS/Nessus scans
• Own development and maintenance of custom scanning profiles
• Provide security technical guidance on resolution of hardening requirements (STIG, OpenSCAP, NIST 800-53, etc)
• Contribute to technical discussion and designs to improve DevSecOps
• Maintain Elasticsearch/Kibana SIEM EDR tools and daily monitoring
• Lead efforts to review security requirements for cloud environment
• Auditing and advising on privileged access controls
• Work with the program to Identify vulnerabilities, missing patches, and misconfigurations across our the infrastructure and ensure there is a scalable approach to prioritizing fixes for any issues identified.
• Ensure relevant audit and security logs are being centrally captured and regularly reviewed
To be successful in this role you need these skills (required):
- A Bachelor’s Degree in Information Technology, or a closely related discipline or 4 years of additional relevant professional experience
- At least 5+ years of relevant professional experience
- Must have an active Top Secret security clearance with the ability to obtain and maintain a TS/SCI with Polygraph security clearance
- At least IAT/IAM-II certification (Security+, CISSP, GISCP, GSEC, GCIH, GCED, etc)
- Significant understanding of attack Frameworks (ATT&CK, STRIDE, OWASP Top 10, etc)
- Working in an Agile project management environment
- Experience with security requirements derivation
- Experience documenting test results for corrective actions, reporting and audits, POAMs, etc
- Excellent verbal and written communication skills
- Ability to work in a team and also a self-starter who can work on their own
- Expert level experience and understanding of security issues revolving around PKI
- Experience with or an understanding of modern authentication and authorization protocols and concepts (OIDC, Keycloack, Oauth 2.x, etc)
- Experience managing secret (eg: Hashicorp Vault)
It would be great if you have specific experiences and skills with the following (preferred):
- Knowledge of Atlassian software suite tools such as JIRA, JIRA Service Desk, Confluence, etc
- Experience with securing data engineering tools suchs as Kubernetes/Rancher, Cloudera
- Experience with Configuration Management (Chef, Puppet, Ansible, Salt) and IaC tools such as terraform and AWS Cloudformation as it pertains to security
- Experience with scripting languages such bash, python3 and power shell
- Experience with securing CI/CD tools Jenkins, Nexus, docker/containerd, gitlab/github
- Experience with securing ELK clusters, including Elasticsearch, Logstash, Kibana and *beats
- Experience with securing Windows Systems and Active Directory
- Experience establishing large computer end-point environments (> 1,000 end-points)
- Experience securing an air-gapped/not-connected-to-the-internet environment
- Experience securing databases
- Experience securing citrix environments
