JSP ADP Tipping Point Engineer / Specialist
5 - 7 years experience • Professional, Scientific & Technical Services
The Joint Service Provider Active Detection and Prevention Team Tipping Point Engineer/Specialist will support a multi-year effort to improve the DoD's security posture and provide enhanced security capabilities and analytics by centralizing and virtualizing networksecurity. In this role, you will act as the senior support person for the Tipping Point implementation. In this capacity you will work as part of a multi-disciplinary team that supports the active and passive Computer Network Defense (CND) tools deployed in security stacks. You will also integrate with other technical teams, with DISA personnel, with vendor technical support personnel, and with technical representatives from DoD services. The successful candidate will be able to do the following Tipping Point tasks:
- Install and configure the tool (including any work that needs to be done on the underlying OS) * Integrate the tool for RBAC services such as AD, LDAP, TACACS+ * Configure the tool to work with system health monitoring tools via SNMP for status
- Create and edit profiles appropriate for the customer environment
- Create custom rules with the DB toolkit
- Apply profiles to virtual segments
- Understand filters with profiles and impact they have on performance
- Monitor the tools health and performance
- Tune system parameters to enhance/improve system performance
- Provide Tier 2/3 troubleshooting for Tipping Point issues, either within the tool or as part of an integrated team of professionals addressing larger issues
- Assist other JRSS teams that perform lifecycle O&M on the tools by acting as tool expert
- Configure, troubleshoot, and monitor Tipping Point event flows including the integration of Tipping Point data into a SIEM for use by cyber intrusion analysts
- Provide on the job training to less experienced JRSS, DISA or DoD Services team members
- Act as the senior subject matter expert on the tool for interactions with other team.
- *EDUCATION & EXPERIENCE: : BS or equivalent + 5 yrs related experience, or MS + 3 yrs related experience.
- REQUIRED QUALIFICATIONS:* Experienced with installing and configuring Tipping Point (including any work that needs to be done on the underlying OS) * Experience with the integration for RBAC services such as AD, LDAP, TACACS+ * A good understanding of TCP/IP communications and Linux/Unix server construction, configuration, and maintenance * A general knowledge of router and firewall functionality on a network.
- Experience with SNMP and configuring Tipping Point for health monitoring
- Experience with developing custom rules with the DV Toolkit * A good understanding of filters with profiles and the impact on performance
- Experience with monitoring health and performance of Tipping Point
- Experience with Tipping Point performance tuning
- Good written and oral communications skills and be able to appropriately present highly technical material to both technical and non-technical audiences.
- SECURITY CLEARANCE / CERTIFICATION: A DoD Secret clearance is required to work on this program. In addition, you must be able to successfully obtain up to Top Secret based on requirements from the customer and program. DoD 8570 IAT2 certification is required
- ADDITIONAL DESIRED QUALIFICATIONS* Prior experience as a network intrusion analyst or Security Operations Center analyst. Experience configuring and maintaining the tool in a multi-tenant environment Experience with one or more of the other CND tools in the JRSS cyber suite: Fidelis DLP and MDE SourceFire ArcSight Gigamon Opswat Inquest Argus/Bro ELK (ElasticSearch, Logstash, Kibana)