Statement of Status: eTRANSERVICES has submitted a bid and is currently awaiting award notification. While the position has not yet been officially confirmed, we are actively preparing to fill the role once the bid is awarded. We are seeking qualified candidates for Senior Internet/Intranet Webmaster. This job is contingent upon the bid being awarded. Upon award, this is a 5-year contract starting in March 2025.

Overview: Provide security engineering and subject matter expertise to conduct market research, product evaluation, prototyping, integration, development, deployment, recapitalization, operations, and maintenance support for a variety of IT Security Division technologies, such as those that fall outside the scope of the GSA MTIPS contract.
Provide support for Government Furnished vulnerability assessment tools, penetration testing tools, malware analysis and digital media analysis tools, online incident ticketing and case tracking, host IDS/IPS, network IDS/IPS, full network traffic collection and retention, analyst workstations, routers, switches, firewalls, storage devices, backup system, logging system, and the SIEM.
Advise and assist IT Security lead with IT Security architecture activities, for all IT Security information systems initiatives supporting all IT Security tools and capabilities.
Collaborate with the IT Security lead to configure, build, provide recommendations, and ensure all hardware and software are IPv6 compliant in accordance with the direction set forth by the CISO.
Create procedures and documentation for maintaining all SOC hardware and software.
Perform full-scope administration, management, configuration, patching, upgrading, and optimization of SOC tools, devices, application systems, servers, and sensors.
Provide security device signature maintenance and performance reports; maintain the SIEM to collect and aggregate IDS/IPS data from network sensors, raw data from collection agents, firewalls, proxy servers, antivirus, vulnerability scanner elements, and other security-relevant devices; enroll Enterprise and systems information into the SIEM tool and perform asset categorization and prioritization; and install or modify network security elements, tools, and other systems as required to maintain optimal coverage and performance, as approved by the Government SOC Manager.

Duties: Provide technical expertise in cyber adversary capabilities and an assessment of the intentions of these groups to conduct Computer Network Exploitation (CNE) and Computer Network Attack (CNA) against U.S. private sector and Government networks and information systems.
Review the ingestion of cyber news feeds, signature updates, incident reports, threat briefs, and vulnerability alerts from external sources and determine their applicability to the environment.
Provide support to detect, prevent, and respond to threats posed by malicious, negligent or compromised insiders, by maintaining in-depth visibility into the Enterprise and having a means of filtering and prioritizing threat data into concise, actionable intelligence.
Provide advanced analysis and adversary hunting support to operations in an effort to proactively uncover evidence of adversary presence on networks. Deliverables for threat intelligence support include, but are not limited to, Daily Summary Reports based on security event analysis.
Share information externally with the cyber intelligence community (e.g. US-CERT). Deliverables for Cyber Intelligence Support include, but are not limited to, biweekly cyber intelligence reports.
Basic Qualifications:
Bachelor's degree in Computer Science, Engineering, Information Technology, Cybersecurity, or a related field PLUS twelve (12) years of experience in incident detection and response, malware analysis, and/or cyber forensics.
6+ years of supervising and/or managing teams
8+ years of intrusion detection and/or incident handling experience
Ability to analyze new attacks and provide guidance to watch floor analysts on detection and response
Knowledgeable of the various intelligence frameworks (e.g. Cyber Kill Chain, Diamond Model, MITRE ATT&CK) and able to utilize them in an analysis workflow
Experience with cloud (e.g. O365, Azure, AWS) security monitoring and familiarity with the cloud threat landscape
Experience with at least 3 of these tools: Armis; Cloudflare; Trellix Security (Cloud/Data/Email/Endpoint/Network Security); Threat Intelligence; SIEM; Microsoft Azure/Defender/Sentinel; RSA NetWitness Logs and Packets; Rapid7 Nexpose/AppSpider; Stealthwatch NetFlow; Tenable.io/Web App Scanning; Varonis Data Protection; Xacta 360/IO
Date Posted: 01 April 2025