OBXtek is currently staffing for a Senior Intrusion Protection Specialist to support SSA's OIS/DSE division with Intrusion Protection. Candidates need to have or qualify for a Public Trust clearance.
OIS provides intrusion protection and vulnerability assessments of the SSA information systems at various inter-dependent levels. The assessment of the network's security is a crucial first step in providing intrusion protection. Additionally, OIS provides remediation for security incidents. A key ingredient of this remediation is the recommendation of immediate corrective actions for systems known to have any security weaknesses or vulnerabilities.
Scope of Task
The objective is to evaluate, identify and classify all anomalous traffic across SSA net and then to provide corrective action.
In support of the task, the contractor shall perform activities such as those described in the sub-tasks below.
Sub-Task 1: Intrusion Protection and Vulnerability Assessments
Purpose: Provide intrusion protection and vulnerability assessments at all levels of the SSA computing enterprise including current SSA systems, SSA systems under development or scheduled for implementation.
- Provide senior-level advisement to division management and adjacent staff related to Intrusion Protection and Vulnerability Assessments.
- Monitor Intrusion Detection System (IDS) sensors and infrastructure and other monitoring tools based on a schedule defined by SSA Management.
- Monitor vulnerability scanning infrastructure based on a schedule defined by SSA Management.
- Evaluate risk models developed by SSA and provide feedback to the Task Manager.
- Perform ad-hoc scanning as defined by the Task Manager.
- Develop scripts using UNIX shell scripting, Perl, PHP or Visual Basic for use in analyzing traffic patterns and anomalies.
Sub-Task 2: Maintain Industry Awareness
Purpose: Stay abreast of current exploits, techniques and critical changes in the area of Intrusion Protection.
- Provide senior-level advisement to division management and SSA and contract staff related to Industry Awareness.
- Visit hacker, security-related, other Government agency and anti-virus vendor websites, and review security-related industry trade publications.
- Determine and document potential threats to SSA systems based on this research.
- Determine and document vulnerabilities in SSA systems based on this research.
- Recommend corrective action to systems known to have security weaknesses or vulnerabilities.
- Conceptualize red/blue team exercises as directed by the Technical Contact.
Sub-Task 3: Evaluate Security Standards
Purpose: Monitor the documentation and implementation of various SSA security standards and evaluate their effectiveness.
- Provide senior-level advisement to division management and adjacent staff related to Evaluating Security Standards used by SSA.
- Recommend industry security best practices to integrate into SSA security policies and procedures.
Sub-Task 4: Distinguish Non-Threatening Network Traffic from Authentic Intrusion Attempts
Purpose: Enhance detection and reporting capabilities of SSA network security monitoring systems.
- Provide senior-level advisement to management and adjacent staff related to distinguishing non-threatening network traffic from authentic intrusion attempts.
- On a daily basis, review data generated by firewall monitors, such as web server and firewall logs and other data sources as defined by the Task Manager that contain information on external or internal intrusion attempts.
- Perform daily tuning of SSA network monitoring systems.
- Perform daily validation of proper system settings and the application of the current version of system patches.
- Prepare Vulnerability Reports explaining identified vulnerabilities, potential for exploitation, at least 3 methods for mitigating the vulnerability and the cost associated with each remedy.
- Recommend corrective action if an authentic intrusion event occurs.
- Prepare a test plan, delivered via email, describing the approach for each plan task, time needed, tools that will be utilized, potential effects on production systems and a contingency plan should the test adversely affect production systems.
- Participate in security software activities: deployment, administration, provisioning, configuration, backup and restore procedures, documentation, policy setup, logging, patches, testing, and support.
Pagers and Laptops
The contractors will carry a communications device at all times and respond to calls.
The contractors shall participate in on-call coverage via a rotated pager.
Qualifications
Active Public Trust Clearance
10+ years of task-related experience
Experience with support and troubleshooting
Experience with Firewalls, Syslog, logging, network security, network/device monitoring and policy compliance.
Company Information
Headquartered in McLean, Virginia and founded in 2009, OBXtek is a fast-growing leader in the government contracting field. Our mission is Our People...Our Reputation. Our people are trained professionals who enhance our customers' knowledge and innovation using technology, collaboration, and education.
We offer a robust suite of benefits including comprehensive medical, dental and vision plans, Flexible Spending Accounts, matching 401K, paid time off, tuition reimbursement plans and much more.
As a prime contractor for 93% of our current work, OBXtek pairs lessons learned across disciplines with industry standard quality practices such as CMMI-Dev Level III, ITIL, 6Sigma, PMI, and ISO. Our rapid growth has been recognized by INC500, the Washington Business Journal, and Washington Technology magazine.
OBXtek is an Equal Opportunity Employer and does not discriminate based on race, color, religion, sex, age, national origin, gender identity, disability, veteran status, sexual orientation or any other classification protected by federal, state or local law.
- Security Policies
- Network Security
- Perl (Programming Language)