Endpoint Security Solutions |ESS| Lead
Security Clearance required: Top Secret
US Citizenship Required
Location: Seaside, CA
Project Summary: This position will be responsible for supporting the operation and maintenance of a cybersecurity operations center (CSOC). Including but not limited to: maintaining the security posture of information systems from its conception to retirement through the integration of Information Systems Security and sound information assurance practices, facilitate use of Cybersecurity technical information in the design, development, testing, evaluation, operations, and maintenance of information technology for the customer's systems, implement Real-time Threat Detection and Mitigation Toolsets, provide proactive cybersecurity threat hunting and penetration testing teams searching the network for gaps and or/signs of attackers before a compromise turns into a full breach, and to resolve incidents and problems and ensure the delivery of high-quality services delivered as rapidly and effectively as possible.
- Participate as system security and cyber subject matter expert in support of engineering design teams and functional interoperability assessments.
- Support the cybersecurity architecture by providing active and engaged solutions to IT teams relative to security design and review processes. Ensure the effective operations of existing and future Cybersecurity IT.
- Conduct HBSS Event Analysis Process and validate unknown behavior with appropriate functional group, identify if a system is under attack or a component is not functioning correctly.
- Move agents that have not checked in for 30 days to an inactive directory and delete agents that have not checked in within the last 60 days. Validate assets no longer exist with the appropriate asset owner.
- Provide a daily checklist confirming that following tasks have been performed:
- Update Master Repository completes.
- HBSS/ESS servers are connecting to DoD Patch Repository.
- HBSS/ESS servers connecting to DISA's CMRS.
- Rogue System Detection sensors have appropriate coverage and are operational.
- ePO roll-up is functioning.
- Server outages or any issues preventing roll-up functionality.
- Status of Patch Repository connectivity
- Anti-virus, anti-spyware, firewall, device control, and application whitelisting event analysis
- Run queries for inactive agents and resolve them daily.
- Monitoring for new rogue systems
- Security intrusions and violations
- Diagnose HBSS (blocked and detected) alerts from HIPS, AV/AS, and RSD, coordinate with functional areas within the organization.
- Create and maintain a HBSS Change Management Standard Operating Procedure (SOP); test HBSS directives, system changes and policies, comply with COOP procedures
- Provide the HBSS: USCYBERCOM compliance chart for each ePO server; list of rogue assets identified; obstacles and remediation actions as part of the weekly Scanning and Monitoring report.
- US Citizenship is a requirement of this position in accordance with U.S.C. § 1324b(a)(2)(C)
- 5+ years of experience in administration and operations of McAfee ePolicy Orchestrator, Endpoint Security (AV/Host Firewall/Host IPS/Web Control), Policy Auditor (PA), Rogue System Detection (RSD), Threat Intelligence Exchange (TIE), and Data Exchange Layer (DXL) products and modules.
- Must have an active DOD 8570 IAT III Certification (CASP+CE, CISSP, CISA, CCNP Security, GCED, GCIH)
- Must have Computing Environment (CE) certification(s) relating to the environment or specific tools pertinent this position (HBSS or Endpoint Management)
The physical demands and work environment characteristics described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Physical Demands: While performing the duties of this job, this position requires the ability to sit for potentially long periods of time throughout the workday. Hearing sufficient to understand conversations, both in person and on the telephone. Dexterity of hands and fingers to operate a computer keyboard, mouse, power tools, and to handle other computer components for potentially long periods of time without experiencing abnormal hand, wrist, or eye strain. Occasional inspection of cables in floors and ceilings. Lifting and transporting moderately heavy objects, such as computers and peripherals. Must be able to lift up to 50 pounds.
- Work Environment: Includes a typical office environment, with minimal exposure to excessive noise or adverse environmental issues, including exposure to heat, cold, inclement weather conditions, and occasional environmental hazards. Local, regional, and national travel may be required.
Medical, Dental, Vision Plan
AD&D and Life Insurance
Paid Federal Holidays
Paid Time Off
401(k) Retirement Plan
Epsilon is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applications will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. EEO/AA: Minorities/Females/Disabled/Vets.
Please click here to review your rights under EEO policy.
If you are an individual with a disability and need special assistance or reasonable accommodation in applying for employment with Epsilon, Inc., please contact our Recruiting department by phone 828-398-5414 or by email firstname.lastname@example.org.