SITEC - Security Systems Administrator - MacDill AFB

Enterprise Contract (SITEC) – 3 EOM.  This position is located at MacDill AFB in Florida.  

The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (NetOps) to include performing Defensive Cyber Operations (DCO) services, and supporting the Cybersecurity Service Provider (CSSP) to protect, monitor, analyze, detect, and respond to cyber incidents.

The primary objectives of the Security Systems Administrator are to develop, implement, and drive continuous improvement of threat detection capabilities and engineering solutions throughout the USSOCOM enterprise.

• Collaborate closely with SOCOM Enterprise IT infrastructure teams to ensure comprehensive log collection, improve security monitoring capabilities, identify vulnerabilities, and implement security best practices on Enterprise IT assets.
• Modernize Security Operations through integration of continuous threat intelligence feeds into security tools and workflows to inform security decisions, prioritize threat detection, and accelerate response times to emerging threats.
• Design, develop, and implement advanced threat detection signatures, rules, and alerts across the vast SOCOM cybersecurity technologies and IT infrastructure, including multiple SIEM (Security Information and Event Management) platforms, endpoint detection tools, and network security systems.
• Explore and implement security technologies and methodologies to modernize security infrastructure and processes.
• Optimize security operations through automation and orchestrations of repetitive or manual tasks to improve consistency and efficiency amongst security teams.
• Identify emerging threats and vulnerabilities relevant to the organization's environment and develop proactive detection strategies to mitigate them.
• Evaluate new threat detection technologies and techniques to innovate SOCOM security process and tools and provide implementation strategies.

Qualifications:

• 16 years with HS, 14 years with AS/AA, 12 years with BS/BA, 10 years with MS/MA, 7 years with PhD

• A DoD TS/SCI clearance is required
• DoDD 8570.01-M IAT II

Desired Qualifications:

• GIAC Certified Incident Handler Certification (GCIH)
• CompTIA Advanced Security Practitioner (CASP+/SecurityX)
• Ability to communicate security issues clearly to both technical and non-technical stakeholders
• Strong understanding of security technologies used to defend Enterprise networks such as EDR, XDR, IDS, IPS, SIEM and SOAR.
• Hands-on experience using SIEM solutions such as Splunk and Microsoft Sentinel to create threat detections.