Microsoft Active Directory, Microsoft Exchange, Windows Server, CompTIA Security
Senior level System
Administrator with diverse knowledge in patching systems with the following
technologies:
• VMware VSphere/ESXi
• Windows Server
• Windows 10/11
• WSUS
• HBSS
• RHEL
• MECM
• Microsoft Sharepoint
• Microsoft Exchange
• Ansible
The following skillsets are a must:
• Patch Management
• Time Management
• Troubleshooting
• Organization
• Documentation
• Self-starter
· Trellix Knowledge:
o Familiarity with applying updates, configuring policy rules, and managing Trellix HBSS based endpoint security.
o Experience with troubleshooting Trellix ESS related issues, including endpoint deployment, data loss prevention, and policy application.
· Proficiency in PowerShell Scripting:
o Writing, debugging, and enhancing scripts for various tasks such as driver imports into MECM, automating software updates, and GPO modifications.
o Ability to create dynamic scripts that adapt to different environments and systems, incorporating error handling and security features.
· Experience with Systems and Application Management:
o Expertise in using tools like MECM (Microsoft Endpoint Configuration Manager) and WSUS for software updates, server rebuilds, and driver management.
o Familiarity with deploying and managing GPOs and working on integrations between systems (e.g., SCCM, MECM, WSUS, and Active Directory).
· STIG Compliance and Remediation:
o Extensive knowledge in conducting and automating Security Technical Implementation Guides (STIG) checks on various systems (IIS, WSUS, Exchange, etc.).
o Experience with tools like Evaluate-STIG and writing scripts to automate compliance and remediation tasks.
· Problem Solving and Troubleshooting Skills:
o Ability to troubleshoot complex system and network issues (e.g., IIS crashes, MECM job failures, and antivirus conflicts).
o Experience in diagnosing issues related to system configurations, security vulnerabilities, and application deployment.
· Cybersecurity Knowledge:
o Knowledge of security protocols, CVE identification, and ensuring compliance with security policies and standards (e.g., NIST).
· Documentation and Process Improvement:
o Documenting processes and procedures for system management, patch management, and automation scripts.
o Identifying areas for process improvement, especially around automation of tasks like WSUS updates, BitLocker management, and device security hardening.
Desired Experience:
Administrator Roles and Responsibilities:
o Ansible
o ESXi
o ACAS
o HBSS
o STIG
o Self motivated
· ·Subject Matter Expert (SME) on cybersecurity testing processes such as Security Technical Implementation Guides (STIGs), Security Content Automation Protocol (SCAP), Evaluate STIG and Assured Compliance Assessment Solution (ACAS) scanning.
o Monitor configuration management (CM) of system security controls across all types of JEXC2 systems and the upkeep of Plan of Action and Milestones (POAM) of each accreditation package.
o Work with the JEXC2 technical disciplines to ensure security control settings are implemented and tracked properly in hotfixes, patches and maintenance releases.
o Create and review cybersecurity test plans and work with JEXC2 project Information Systems Security Engineers (ISSEs) to ensure Security Assessment Plans (SAPs) are constructed properly.
o Conduct cybersecurity assessments on customer components in order to identify vulnerabilities not addressed in standard DoD/DoN compliance methods.
· Vulnerability Management:
o Provide scans of security threats and perform corrective action IAW DISA STIGs, TCNOs, and local security guidance.
o Must monitor cyber event tasking to detect and mitigate malicious cyber events.
o Must maintain software exemption lists for automated patching.
o Must utilize approved AIS to monitor, review, and generate applicable TCNO status listing and report to CFP weekly.
· Vulnerability Scanning:
o Must identify and implement required software patches to network OS in standard desktop and standard server configurations.
o Must monitor vulnerabilities on NIPRNet/SIPRNet network systems using the scanning methods IAW local operating procedures.
o Must maintain information servers and software systems and conduct applications monitoring and maintenance.
o Must conduct performance management checks on servers IAW Network Operating Instructions and Air Force Network (AFNET) directives.
