Description:
Roles and Responsibilities:
Essential:
JCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). Conduct thorough technical assessments of UNIX-based systems (e.g., Solaris, AIX, Linux variants) for compliance with Intelligence Community Directives (ICDs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 Rev 5 and 800-171 controls.
Other:
-
Perform manual audits of UNIX configurations, user access controls, file system permissions, patch management, and security logging.
-
Analyze vulnerabilities related to UNIX systems and recommend mitigation strategies aligned with JCIP and IC security policies.
-
Interpret and apply complex STIG requirements specific to UNIX environments.
-
Collaborate with system administrators, security teams, and leadership to present findings and provide actionable security recommendations.
-
Lead and mentor Level 1 UNIX inspectors, providing guidance on technical evaluations and inspection reporting.
-
Stay updated on emerging UNIX threats, patches, and best practices for system hardening.
-
Participate in inspection planning, execution, and reporting.
-
Travel as required to support onsite inspections. (8-12 weeks of travel avg, some international and passport required).
-
The primary day-to-day seat is at Tysons Corner.
Knowledge, Skills, and Abilities:
Knowledge:
-
Deep understanding of UNIX operating systems including Solaris, AIX, and major Linux distributions (Red Hat, CentOS, Ubuntu).
-
Expertise in system hardening, patch management, user and group management, file permissions, and security auditing.
-
Proficient in interpreting UNIX-specific STIGs and aligning findings with NIST 800-53/800-171 controls.
-
Familiarity with shell scripting for automation of audit and remediation tasks.
Skills:
-
Strong hands-on experience performing manual UNIX system security audits.
-
Ability to analyze system logs, identify anomalies, and assess system security posture.
-
Effective verbal and written communication skills for technical briefings and reporting.
-
Leadership and mentoring capabilities for guiding junior inspectors.
Abilities:
-
Independently lead UNIX inspections with minimal supervision.
-
Provide expert recommendations for system configuration and architecture improvements.
-
Manage inspection schedules and deliverables effectively.
-
Adapt inspection techniques to diverse UNIX environments and organizational policies.
Requirements:
Certifications:
Obtain an IAT-III or Maintain IAT Level III Certification in compliance with DoD 8570.01-M and DoD Directive 8140 Cyberspace Workforce Management.
CASP+ CE
CCNP Security
CISA
CISSP (or Associate)
GCED
GCIH
CCSP
Level Certifications Indicative of Qualification:
Level 1- CompTIA Linux+, Red Hat Certified System Administrator (RHCSA), Solaris Certified System Administrator (SCSA)
Level 2 - Red Hat Certified Engineer (RHCE), Linux Professional Institute Certification (LPIC-2), Certified Information Systems Security Professional (CISSP)
Level 3 - Red Hat Certified Architect (RHCA), GIAC Certified UNIX Security Administrator (GCUX), CISSP-ISSAP
Education:
Possess a master’s degree, with 8+ years of total experience/equivalent certifications.
Other:
Master’s degree may be substituted with a bachelor’s degree and 5+ years of additional experience/equivalent certifications, for a total of 13+ years.
Clearance:
Hold a Top Secret Security Clearance with SCI eligibility.
Ability to Pass CI Poly.