Cybersecurity Technical Administrator AWS

Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you’ll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role and Responsibilities
This position is for a Cybersecurity Technical Administrator supporting the the client’s Cybersecurity Incident Response Team. This position can be performed primarily remotely but does require the ability to be on site in Radford VA occasionally. The client is a hosting provider for Army IT systems providing various levels of sustainment support for our hosted systems. The client is also a managed service provider (MSP) for Army IT systems and we support enterprise applications owners in migrating their systems into Microsoft Azure. We also provide sustainment services to support their applications. This position is for a cybersecurity technical administrator role to support a full range of cybersecurity services that the client provides to our customers.
As part of the Cybersecurity Division – Cyber Incident Response Team deploy install manage and operate Security Information and Event Management (SIEM) solutions to include Splunk and/or Elasticsearch.
Responsible for assessment of threats and vulnerabilities to organizational computing assets and developing/integrating rules queries and filtering techniques to produce meaningful risk analysis for responses.
Coordinate with the client team to ensure all devices and components report all relevant logs to the SIEM solution and perform troubleshooting and maintenance of assets.
Monitor DoD and Army web application security standards and best practices as well as reported/disclosed vulnerabilities. Work with internal and external customers to track remediate and report compliance for disclosed vulnerabilities.
Work with a team to review Army Cyber Tasking Orders (CTOs) determine applicability and response and incorporate required changes.
Validate technical security controls are in place for operating systems applications and network appliances and recommend enhancements.
Review proposed SIEM configuration changes for security impact.
Work with technical and policy teams to implement maintain and monitor technical security configuration controls including: STIGs SRGs and other industry security hardening guidance.
Collaborate with internal and external parties to transform high-level technical objectives into comprehensive technical requirements.
Interact with Army Cyber Security Service Providers and customer ISSOs/ISSMs on a regular basis.

Required Technical and Professional Expertise
US citizenship and a Security Clearance: DOD Secret (Fully Adjudicated) as a minimum Day 1. Required Certifications: CompTIA Security+ IAT Level II (Security+ CE etc.) Baseline certification as defined in DoD Instruction 8570.01-M (generally Security+ CE).
Mid to senior level Cybersecurity Technical Administrator experience.
Extensive experience implementing tuning and monitoring SIEM rulesets.
Strong verbal and written communication skills and ability to work cooperatively as a member of a team.
Strong understanding of common cyber threat patterns indicators of compromise and defenses.
Experience working with auditors customers and other stakeholders to develop meaningful alerts dashboards and reports.

Preferred Technical and Professional Expertise
Strong understanding of Linux (preferred) and Windows Operating Systems.