Description

Job Description:

Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, various cloud environments, security devices, servers and workstations. The CBP SOC is responsible for the overall security of CBP Enterprise-wide information systems, and collects, investigates, and reports any suspected and confirmed security violations.

• 3-5 years' experience in Systems Engineer/Admin role or an equivalent of 3-5 years in Cybersecurity.

• Hands on experience on AWS - Majority of the environment systems are in AWS. These may include EC2, Storage, Lambda, S3, VPC, Storage Gateways

• Hands on experience with Linux - More than half of the systems being managed are Linux. This ranges from CentOS, Amazon Linux 2, RHEL, Kali Linux, and Rocky Linux. Knowledge/experience in patching and updating these will be key.

• Knowledge/experience with Windows - Need knowledge in setting up and building using images. Someone who knows the ins and outs of where logs and other locations of data are on a windows system is a plus.

• Hands on experience with Troubleshooting - Mid to high level troubleshooting skills. Have the knowledge and experience on where to look for logs and errors within applications and OS's.

• Knowledge and understanding of Networking and how it all ties together - networking knowledge, VPNs, DNS, DHCP, AWS VPCs, Firewalls.

• H knowledge/experience on Applications - automation software such as Ansible, Windows SCCM, or any automation software.

• Understanding of cybersecurity processes and protocols.

• Knowledge and understanding of some Antivirus software such as McAfee and CrowdStrike. Any HIPS software and how it works.

• Understanding of SOPs, Playbooks, and experience in creating documentation.

• Bachelor's degree in computer science, Engineering, Software Development, Information Technology, Cyber Security, or related field and 6 years of related experience. Additional years of experience and cyber certifications may be considered in lieu of degree.

• Familiar with the management, operational, and technical aspects of IT Security in a complex enterprise environment. Additional experience in cyber risk management and assessments will be considered.

• Knowledge and familiarity with in-depth analysis of Zero Trust Capabilities, Infrastructures and Architecture.

• All Department of Homeland Security CBP SOC employees are required to favorably pass a 5-year (BI) Background Investigation.

• Ability to learn and support new systems and applications.

• Redhat, Cisco or Microsoft, Security+, Linux+, or Network+ certifications

• Cisco Hardware and Storage

• Expertise in Networking, Linux and Windows

• Sourcefire (snort) or RSA Security Analytics (network) experience a plus

• Ability to script in one more of the following computer languages Python, Bash, Visual Basic or Powershell