Job Description
Job Type Full-time Description Supports the DHS Enterprise Engineering Division within the Office of the Chief Information Officer (OCIO) is responsible for the architecture, design, engineering, Tier 3 operations support, maintenance, and management of the network and security infrastructure. This program portfolio includes management and oversight of the technical infrastructure and security tools, sensors, servers, and data storage devices to support the DHS Network Operations Security Center (NOSC) Cyber (SOC) and other DHS stakeholders and Components. Duties/Responsibilities: Assist with development on projects and enhancements within SOAR platform (Swimlane) utilizing Python and JavaScript in addition to Swimlane's built in tools. Work with stakeholders throughout development to ensure satisfaction of requirements. Build and maintain documentation for applications and automations within Swimlane.
Maintain Kubernetes environment running on Red Hat (RHEL) 8 hosts. Maintain Analyst1, Mandiant MSV, and Proofpoint security tools. Build and maintain tool documentation as needed.
Lead development on projects and enhancements within SOAR platform (Swimlane) utilizing Python and JavaScript in addition to Swimlane's built in tools. Work with stakeholders throughout development to ensure satisfaction of requirements. Build and maintain documentation for applications and automations within Swimlane.
Work with NOSC analysts to continuously evaluate and identify areas of improvement in Swimlane applications and automations.
Manage Kubernetes environment running on RHEL 8 hosts. Manage Analyst1, Mandiant MSV, and Proofpoint security tools. Build and maintain tool documentation as needed.
Provide security engineering and support for NOSC hardware, software, and networking technologies currently present or to be added to the infrastructure.
Ensuring the security tools and infrastructure are available and operational from the perimeter down to the endpoints and data itself
Providing support to maintaining and maturing security tool architecture for security operations monitoring
Develop and maintain installation, configuration, and security procedures.
Responsible for daily system monitoring, verifying the integrity and availability of all hardware, server resources, logs, systems and key processes.
Establish working relationships with vendors to ensure alignment of current and future set government requirement and emerging capabilities.
Requirements Minimum Qualifications / Requirements At least 5 years of security/network engineering and architecture experience (NOC, SOC), in supporting, configuring, monitoring, and troubleshooting within a large enterprise security environment.
Technical acumen to include extensive experience deploying, managing, and maintaining a wide range of security tools.
Must be resourceful in multitasking tasks and projects and communicating in a dynamic network.
Must have practical knowledge of network and security tools and how it is administered and integrated into a SOC/NOC environment.
Working knowledge of Zero Trust architectures supported by Cloud Access Security Broker (CASB), Cloud Secure Gateway (CSG) technologies, and SIEM/SOAR frameworks.
Must be willing to participate to a rotating on-call support (24/7/365) for nights, weekends, holiday issues.Experience/Years of Relevant Experience: Excellent verbal and written communication skills
Ability to meet deadlines and work independently. Required Experience 5 years.Education: BA / BS in a Science, Technology, Engineering, Cybersecurity Management fieldCertifications (Not Required): CISSP (Certified Information Security Systems Professional)
CompTIA Security+
ITIL Foundations
Experience with Agile-based project management (primary Kanban)Software/Hardware Experience Desired CyberArk, CA Privileged Access Manager (PAM), Zscaler, Splunk Enterprise, Crowdstrike, Ansible, Red Hat, Linux, Tenable, AWS and Azure Cloud, Swinlane (SOAR/SIEM)Clearance: Must be able to attain/maintain DHS EOD clearance.
Must be a US Citizen and pass a background check.
Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by Softek and/or required by Softek's Client(s)/Customer(s).Location: Location: DHS HQ (TSA Springfield, VA), or Stennis Data Center
Telework Authorized, Remote Hybrid