Position Description

Responsible for day to day operations and maintenance of a wide variety of Cyber Support tools, such as ArcSight SIEM, network and host-based (HBSS) Intrusion Detection Systems (IDS), Intrusion Protection Systems (IPS) and their associated architectures. Proactively monitor O&M actions through the use of dashboards and quickly resolve any anomalies. Provide periodic Quality of Service metrics demonstrating account management and system up/down time of critical components. Consistently strive to make tools more efficient and effective. Perform routine Continuous Monitoring (ConMon) activities and standard O&M procedures. Support Assessment and Authorization (A&A) activities for deployed assets as required.

Responsibilities include, but are not limited to:

Performs engineering support and system administration of specialized cybersecurity applications, systems and networks in a Cyber Security Operations Center (CSOC) environment to include installation, configuration, maintenance, patching, and back-up/restore.

Provides subject matter expertise in creation, editing, and management of signatures, rules, filters, and custom content for specialized cybersecurity systems including but not limited to network and host-based IDS, IPS, and SIEM systems.

Administers cybersecurity test beds and tests and evaluates new cybersecurity applications or tools, rules/signatures, access controls, and configurations of cybersecurity platforms.

Provides Tier 2 maintenance support for deployed cybersecurity technologies within the CSOC.

Supports A&A activities through all steps of the Risk Management Framework (RMF).

Identifies potential conflicts with implementation of any cybersecurity tools within the enterprise and develops recommendations to remediate these conflicts.

Contributes to the completion of milestones associated with specific projects.

Provides solutions to a variety of complex technical problems.

Position Requirements

Minimum Education: B.S. or relevant experience in related field.

Minimum/General Experience: 3-5 years of related experience.

Experience in a Cybersecurity Operations Center environment desired.

Minimum of 1 year experience in technology/tools specific to the target platforms.

Experience shall be in a related security technology or discipline such as Identity and Access Management, Cybersecurity Operations, Cybersecurity Engineering, IT Security Audit, and Information Assurance.

IAT Level II (GSEC, Security+, SSCP, or CCNA-Security) certification desired.

Demonstrated technical experience:

Experience with COTS technologies used in a Cybersecurity Operations Center environment, including network/host IDS and IPS, and SIEM technologies.

Expertise in cybersecurity enterprise scanning and continuous monitoring, enterprise host/network security and intrusion detection.

Expertise with cybersecurity architectural principles such as defense in depth, resilience, and integrated security operations.

A&A support experience desired.

Ability to convert functional cybersecurity requirements into system requirements.

Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously, coordinating resources and ensuring scheduled goals are met.

Ability to effectively interact with various levels of senior management is necessary.

Ability to make decisions and resolve problems effectively - Seek out information and data to evaluate, prioritize and formulate best solution or practice.

Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.

Clearance Requirement

Must possess an active TS/SCI w/ a CI polygraph.