Duration: 5 years
Shift Schedule: May include after-hours maintenance windows and on-call rotation
Requested Clearance: Active DoD Secret Clearance Required
Work Environment: Supports the DCMA Enterprise Network Support Services (ENSS) program protecting over 200,000 users and millions of enterprise devices across global DoD networks. Position requires collaboration with Cybersecurity, NOC, Network Engineering, Firewall, Collaboration, and RMF teams in a mission-critical environment.
Travel: Up to 10% CONUS/OCONUS as required.
Shift Support: May include after-hours maintenance windows and on-call rotation.
Position Overview: The FireEye / Gigamon Cybersecurity Engineer provides engineering, administration, monitoring, and operational support for the Defense Contract Management Agency (DCMA) Enterprise Security Architecture. This position is responsible for deploying, managing, and optimizing FireEye/Trellix security platforms and Gigamon visibility solutions to enhance threat detection, network observability, incident response, and cybersecurity operations across DCMA enterprise environments. The engineer works closely with Network Operations Center (NOC), Cybersecurity Operations, RMF, ACAS, SIEM, Firewall, and Network Engineering teams to ensure continuous monitoring, threat visibility, and protection of enterprise networks supporting CONUS and OCONUS users.FireEye Helix was designed to unify network, endpoint, and third-party security visibility while integrating threat intelligence and automated security operations capabilities.Gigamon provides deep observability and network-derived intelligence by delivering optimized traffic to security and monitoring tools, eliminating network blind spots and improving threat detection.
Primary Responsibilities:
FireEye/Trellix Operations:
- Administer and maintain FireEye/Trellix security platforms, including: FireEye Network Security (NX), FireEye Email Security (EX), FireEye Endpoint Security (HX), FireEye Helix SIEM/XDR, FireEye Central Management System (CMS)
- Monitor and analyze security events, malware detections, indicators of compromise (IOCs), and advanced persistent threats (APTs).
- Develop correlation rules, threat-hunting use cases, dashboards, and automated response workflows.
- Integrate FireEye solutions with: LogRhythm SIEM, ACAS, CheckPoint Firewalls, Cisco Security Platforms, Active Directory and Threat Intelligence feeds.
- Conduct incident response activities and forensic investigations utilizing FireEye and Mandiant intelligence resources.
- Support Cybersecurity Service Provider (CSSP) operations and enterprise security monitoring.
Gigamon Visibility Fabric Operations:
- Engineer and administer Gigamon visibility solutions, including: GigaVUE Appliances, GigaSMART, GigaVUE Fabric Manager and Deep Observability Pipeline.
- Configure TAPs, packet brokers, traffic aggregation, filtering, deduplication, and SSL/TLS decryption services.
- Design and maintain traffic distribution policies supporting: FireEye/Trellix, LogRhythm, ACAS, IDS/IPS, Network Performance Monitoring tools.
- Optimize east-west and north-south traffic visibility across: Data Centers, Cloud Environments, Virtualized Infrastructure, Hybrid Networks.
- Perform packet analysis and troubleshooting using: Wireshark, TCPDump, Gigamon Analytics.
- Gigamon solutions provide traffic intelligence, packet optimization, metadata generation, filtering, and visibility across hybrid cloud and enterprise environments.
Cybersecurity Engineering:
- Develop and implement security architecture improvements.
- Support RMF security controls and continuous monitoring activities.
- Conduct vulnerability assessments and remediation validation.
- Support STIG compliance initiatives.
- Participate in Change Management and Configuration Control Boards (CCB).
- Create engineering documentation, SOPs, implementation guides, and technical reports.
- Provide Tier III escalation support for cybersecurity incidents.
Monitoring and Reporting:
- Provide 24x7x365 operational support as required.
- Generate daily, weekly, and monthly cybersecurity status reports.
- Brief government leadership on: Security incidents, Threat trends, Visibility gaps, Risk mitigation actions and Compliance posture.
Required Qualifications:
- Active DoD Secret Clearance.
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
- Minimum 5 years of cybersecurity engineering experience.
- Minimum 3 years supporting enterprise security monitoring platforms.
- Experience with: FireEye/Trellix products, Gigamon Visibility Fabric, LogRhythm SIEM, Cisco enterprise networking, Palo Alto or Check Point firewalls, Windows Server and Active Directory & Packet capture and analysis tools.
Preferred Qualifications:
- FireEye/Trellix Certifications
- Gigamon Certified Professional (GCP)
- CISSP
- CASP+
- CCNP Security
- GCIA
- GCIH
- CEH
Desired Knowledge & Skills:
- Advanced Persistent Threat (APT) detection
- Threat Hunting
- Network Traffic Analysis
- Incident Response
- Malware Analysis
- Security Automation
- SIEM Engineering
- IDS/IPS Technologies
- Packet Broker Technologies
- Network Forensics
- Cloud Security Monitoring
- Zero Trust Architecture
- RMF and NIST 800-53 Controls
Tools & Technologies:
- FireEye Helix / Trellix XDR
- FireEye HX, NX, EX
- Gigamon GigaVUE
- GigaSMART
- GigaVUE-FM
- LogRhythm SIEM
- ACAS
- SolarWinds
- Wireshark
- CheckPoint Firewalls
- Cisco Routers and Switches
- VMware
- Active Directory
- Splunk (desired
LI_TSC
About our Company: -
22nd Century Technologies, Inc., is one of the fastest growing IT Service Integrator and Workforce Solution companies in the United States. Founded in 1997, 22nd Century Technologies is a Certified National Minority Business Enterprise with 6,000+ people including 600+ Cyber SMEs nationwide supporting our customers in all 50 states, Canada, and Mexico. With HQs in Somerset, NJ and Mclean, VA, 22nd Century has 14 offices throughout the United States. As part of our unrelenting focus on quality and compliance, 22nd Century Technologies’ delivery is based on Certified Matured Processes including CMMI L3 Dev & SVC, ISO 20000, ISO 27001, and ISO 9001 quality processes. With a strong focus on the public sector, 22nd Century currently holds government contracts with 14 out of 15 Federal Executive agencies including DoD, 37 other Federal agencies, 50 States, 115+ Local agencies, and 37 School Districts. In the last three years, we have expanded our services to Fortune 500 and other commercial clients and currently support 80+ commercial clients.
Recognized among “Best Company to Work For” by Forbes, 22nd Century Technologies, Inc., consistently exceeds our clients’ expectations by focusing on their absolute satisfaction with jobs while keeping our employees motivated.
“22nd Century Technologies is an Equal Opportunity Employer" and “US Citizens & all other parties authorized to work in the US are encouraged to apply."
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Pay: $130,000.00 - $150,000.00 per year
Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Vision insurance
Education:
Experience:
- supporting enterprise security monitoring : 3 years (Required)
Security clearance:
Ability to Commute:
- Fort Gregg-Adams, VA 23801 (Required)
Work Location: In person