The CDM Program is managed within the DHS National Protection and Programs Directorate, (NPPD)/Office of Cybersecurity and Communications (CS&C)/Network Security Deployment (NSD) Division, responsible for enhancing the security, resilience, and reliability of the Nation’s cyber and communications infrastructure. The DHS CDM Program mission is to safeguard and secure cyberspace in an environment where the threat of cyber-attack is continuously growing and evolving. The CDM Program defends the United States (U.S.) Federal Information Technology (IT) networks from cybersecurity threats by providing continuous monitoring sensors (tools), diagnosis, mitigation tools, and associated services to strengthen the security posture of Government networks.
What You’ll Get to Do:
On our team, you’ll be responsible for enabling solution development and operations teams though the provisioning, management, and automation of a complex multi-platform lab environment. You’ll be living, working, and automating deployment and management of objects from a single VM to entire enclaves within the secure GovCloud regions of AWS and Azure as well as a small on-premises enclave.
You won’t be living in a confined technological stovepipe or swim-lane. Our labs must empower a highly diverse set of activities within the CDM program for a diverse internal client base. Flexibility and adaptability are ways of here on the CDM team.
More About the Role:
A highly technical “Jack of all Trades”. You might be a SME in one or more things, but you’re able to learn and adapt to new challenges and technologies.
You will need to work with many teams and interact with customer technical teams.
Communicates clearly with both technical and non-technical colleagues, sharing knowledge and insight.
Works in a team to integrate systems and solutions, triage issues, and prioritize tasks
Provision, install, configure, monitor and maintain operating systems hardware and software infrastructure (either or both of Windows and Linux).
Design, implement, and manage our “Shared Services” enclave, which provides core network/system services to many of the lab enclaves in AWS and Azure, but still manages a partial-rack on-prem environment as “one” CDM Lab.
Creates and manages scripts for managing systems and entire enclaves.
Collaborates in administering databases and network infrastructure
Automates integration with patch management, configuration management, and security/reporting infrastructures.
Produces detailed documentation and diagrams regarding the Lab and the solutions within the Shared Services enclave.
Provides key input to the vision and direction of the Labs-as-a-service model.
Recommend engineering policies, processes, procedures, and standards guidelines for development and operations environments.
Provide guidance and controls for the application of engineering processes and approaches across delivery projects.
You’ll Bring These Qualifications:
US Citizenship required
Must meet eligibility requirements for access to classified information and be clearable to a Department of Homeland Security (DHS) EOD clearance.
Active DoD clearance Secret or above
University Degree (BS), or equivalent years of related experience, and additionally 7+ years of related IT experience required.
Able to provide rotating On Call Support 24x7x365
Experience integrating, troubleshooting, and automating systems in a Linux/Unix environment (CentOS/RHEL preferred)
Patch management on all Linux systems and databases and production systems; Apply regular and security updates to servers, database and web applications
Experience administering Windows Server infrastructure, including software installations, installation/upgrades to operating systems and maintenance/troubleshooting
2+ years’ experience in Systems Administration with Microsoft Active Directory, DNS, DHCP, backup operation and maintenance, and basic TCP/IP troubleshooting
Experience administering and configuring MS Hyper-V services
Administration with Windows PowerShell
Experience installing and configuring COTS software applications
Strong experience with understanding and implementing STIGs and other vendor-provided hardening guidance.
Experience with log management, network protocols and testing
At least one active certification from the list below:
McAfee Product Specialist - ENS (Endpoint Security)
McAfee Product Specialist - ATD (Advanced Threat Defense)
McAfee Product Specialist - ePO (ePolicy Orchestrator and VirusScan)
McAfee Product Specialist - NSP (Network Security Platform)
McAfee Product Specialist - HIPs
McAfee Product Specialist - DLPe (Data Loss Prevention Endpoint)
McAfee Product Specialist - SIEM (security information and event management)
CyberArk Trustee certification (Level 1)
CyberArk Defender certification (Level 2)
CyberArk Sentry certification (Level 3)
CyberArk Guardian certification (Level 4)
SailPoint Certified IdentityIQ Engineer
SailPoint Certified IdentityIQ Architect
These Qualifications Would be Nice to Have:
Technical degree in Computer Science, Computer Engineering, or a related subject area.
Relevant Technical and/or Security Certifications (e.g. Security+, CISSP, et cetera)
Experience integrating and troubleshooting systems in Windows environment
Experience configuring and administering AWS based environments.
Experience with any or all of these technologies or willingness to learn: Tanium, McAfee, SCCM, Azure, AWS Services, Forescout, Tenable Nessus, Retina, Radiant, Sailpoint, CyberArk, and other technologies as defined.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.