equired Personnel Statuses
US Citizen and living within the US
Ability to pass a Public Trust background investigation (“SF-85P”)
Duties and Responsibilities
Includes the following. Other responsibilities may be assigned.
Participate with Client Security Team members
Regularly attending standups and other Client Security Team meetings
Participate in the Client Change Control process
Create and update hardening documentation within central repository, any task/work trackers, as well as any plan of action/mitigation documentation
Assist in performing standard hardening configurations to applications to include but not limited to Apache, Tomcat, Oracle, Web Application Proxy, or any other application that Client determines to be required to support the business operations
Assist in performing standard Linux Operating System Environment (“OSE”) hardening configurations using approved bash scripts, approved Linux-based tools, and any manual configuration deemed necessary
Assist in remediating any identified compliance issues or vulnerabilities findings from reporting published by CISA and MSRC or other reporting agencies that the Client leverages
Assist in remediating identified compliance issues or vulnerabilities findings from reporting developed internally by scanning applications such as Qualys or other scanners
Assist internal teams and subject matter experts in troubleshooting issues brought on by hardening or remediation efforts
Assist the Client DevSecOps team in identifying and developing any potential automation of hardening and remediation tasks
Qualifications
Required Skills/Experience
Familiarity with DISA Security Technical implementation Guides (“STIG”)
Familiarity with Center for Internet Security (“CIS”) Benchmark Standards
Proficient in scripting languages such as Bash and Python
Patch Management and troubleshooting experience within popular Linux distributions such as RHEL and CentOS
Excellent written, oral and interpersonal communication skills
Proven track record working in team-oriented, collaborative work environments
Proven track record with systems planning, security principles, and general software management best practices
Experience developing design diagrams and technical documentation relating to system configuration, processes and service records
Ability to pivot based on customer needs and direction
Recommended Skills/Experience
At least 5+ years of hands-on Systems Engineering experience
Automation Frameworks
Implementing DISA Security Technical implementation Guides (“STIG”) within Linux
- Implementing Center for Internet Security (“CIS”) Benchmark Standards within Linux