HBSS Analyst - TS/SCI Required

TS/SCI Clearance Required.

Overview:

Support tasks will include endpoint security of 5 networks via administrative configurations, testing, analysis work, and auditing the HBSS suite (or comparable service) through modules such as Virus Scan Enterprise (VSE), Host Intrusion Prevention System (HIPS), Rogue System Detector (RSD), etc. Tasks will include analyzing logs to identify events, reviewing data transfers, developing processes to streamline analysis into Standard Operating Procedures (SOPs), documenting processes and requesting changes, preparing leadership-level reports and reports to Tier 2, maintaining compliance with Intelligence Community (IC) and United States Cyber Command (USCYBERCOM) directives, and tasks as needed for HBSS events.

Including, but not limited to:

  • Providing analytical support services for the HBSS environments at NASIC
  • Supporting 5 networks through HBSS modules

Description:

  • Use VSE/HIPS to identify events that occur on NASIC’s foundational networks
  • Use Data Loss Prevention (DLP) to review data transfers at NASIC and review unauthorized transfers
  • Review RSD to identify rogue systems and subnets
  • Utilize Policy Auditor (PA) to streamline NASIC processes such as compliance requirements, patching/updating, and Security Technical Implementation Guide (STIG) checks
  • Operate, maintain, and document configuration management controls to include, but not limited to, VSE, HIPS, and DLP tuning processes
  • Have access to McAfee-recommended solutions to verify false positives while tuning and operating HBSS
  • Support installation/admin/update of HBSS software, server and signatures
  • Gather technical information in support of the NASIC Configuration Change Request (CCR) process to include microcode software updates, license software changes, and updates to antivirus applications; submit a Government CCR documenting the change and receive approval prior to completing the modification
  • Develop standard operating procedures to assist with HBSS program continuity
  • Perform cyber assurance and track significant events, as required, such as Incident Reports, audit reporting, and open Communication System Requirement Documents (CSRDs)
  • Prepare documents and data for delivery to Tier 1 support as required for Intelligence Community Directives (ICDs) and Intelligence Community Standards (ICSs)

Qualifications:

  • Possess a proven ability to balance, prioritize, and organize multiple tasks
  • Possess a proven ability to resolve complex problems efficiently and effectively while recognizing customers’ competence levels and approaching each level appropriately
  • Possess extensive knowledge supporting McAfee/HBSS components
  • Have vendor-specific training/certifications: Admin 201 or equivalent & HBSS Advanced Analyst 501 or equivalent