Cybersecurity/Network Administrator

We are seeking a motivated, career and customer-oriented Cybersecurity/Network Administrator to join our team supporting USAFA.  The Cybersecurity/Network Administrator supports the client by supporting and maintaining the organization’s security information and event management (SIEM) and network infrastructure.  The candidate will possess hands-on experience with network infrastructure devices and the SIEM tool. The candidate will also support and perform wireless network administration and incident response activities ensuring that proper protection or corrective measures have been taken when an incident has been discovered.  The candidate will possess communication, critical thinking, problem solving, organizational and interpersonal skills. The candidate must have the ability to multitask and solve technical problems. This job requires you to be on-site in Colorado Springs, CO.

• Maintain the SIEM infrastructure, and deploy products, apps, reports, alerts, and dashboards utilizing business best practices and methodologies
• Maintain, and optimize installation of internal and external SIEM components
• Maintain and administer the infrastructure assets or equipment which include routers, firewalls, switches, intrusion detection or prevention systems, servers, and wireless devices
• Maintain network performance by performing network monitoring and analysis; troubleshoot network problems and escalate problems as appropriate
• Manage events in multiple systems, applications, and other priorities by exercising multi-tasking skills and critical thinking
• Research industry best practices and innovative ideas leading to continuous improvement of the environment and provide recommendations to the client
• Review events using data collected from a variety of cyber tools (including intrusion detection system alerts, firewall and network traffic logs, and host system logs)
• Maintain network documentation including topologies and diagrams
• Assist in network design, implementation, and maintenance
• Maintain stable and consistent connectivity and redundancy across identified network components
• Ability to understand all SIEM inputs/data sources
• Update and maintain documentation including the Incident Response Plan
• Understand all response activities related to cyber incidents
• Participate in preparing, implementing, and monitoring disaster procedures and recovery
• Monitor and maintain existing wireless infrastructure
• Assist with implementing 802.1X, DLP, DNS, and DHCP services

• 4-5 years of related experience
• Experience supporting and maintaining SIEMs (e.g. Splunk or SolarWinds)
• Experience with networking, firewalls, routers, switches, servers, access points, and wireless devices
• Experience supporting and maintaining network and wireless devices
• DoD 8140 (DoD 8570) IAT II CCNA certification
• Secret security clearance
• Must be a US citizen

• Bachelors in Computer Science, Cybersecurity, Information Systems or similar degree/experience
• Understanding of data flows and interconnections between multiple systems within the network environment
• Ability to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means
• Understanding of Incident Response Life Cycle (NIST SP 800-61)
• DoD 8140 (DoD 8570) IAT II CCNP certification
• Understanding of optimizing applications to reduce impact on resources
• Understanding of data backups and recovery (e.g. NIST SP 800-184 & 800-209)
• Understanding and deep working knowledge of 802.11 (wireless technologies)