Cybersecurity Engineer

Position Summary

Odyssey Systems has an exciting opportunity for a Cybersecurity Engineer to support the C3C / Kessel Run (KR) Division, which is within the USAF C3BM Directorate.  This role will focus on cybersecurity with network security/firewall/AWS cloud security.

The network security engineer will have a solid understanding of the modern cyber security landscape with a strong background in network security, cyber-attacks, data loss prevention, and DoD and AF information technology standards and practices.

This is a full-time position located at Hanscom AFB, Bedford, MA.

Responsibilities

Duties include, but not limited to:

Possess a deep understanding of Internet based technologies (DNS, Security, IP Routing, SSH, SFTP, HTTP/HTTPS, etc.). Deep understanding of IP network technologies and software tools for performance monitoring and troubleshooting. (Especially layers 2 and 3). Write and maintain custom scripts to increase system efficiency and lower the human error/intervention time on any task.

Apply knowledge of technical, analytical skills to ensure the confidentiality, integrity, and availability of all information systems assets and ensure compliance with company policies, procedures, contractual, and regulatory requirements.

Knowledge of monitoring and managing network and host-based intrusion prevention systems actively in-line, Full Packet Capture (with analytics), Sandboxing, Data Loss prevention, malware prevention systems, vulnerability scanning solutions, DDOS protection, Security Event/Information Management, host-based integrity checking, end-point security and AV.

Experience with architecture, design, and management of network security technologies and best practices. Participate in network and system design to facilitate implementation of appropriate systems security policies for the AOC WS. Work with other AOC WS group members to ensure that updates to the AOC WS baseline Implementation Plans and other documentations (drawings, databases, spreadsheets, etc.) are up to date and accurate.

Responsible for supporting LAN/WAN security solutions including creating and maintaining LAN/WAN security standards and design documentation Develop and assist with new LAN/WAN security applications and hardware as assigned.

Experience with SEIM technologies and best practices, and experience implementing a more robust advanced security data analytics capability.

• Lead comprehensive network security assessments and risk analyses, proposing robust enhancements to the security infrastructure for KR.
• Stay ahead of cyber security developments, recommend cutting-edge security solutions, and manage the integration of these technologies into existing network platforms.
• Develop and implement network security policies, ensuring alignment with legal and organizational standards, and conduct regular system audits to identify and mitigate vulnerabilities.
• Participating in network and systems design to ensure implementation of appropriate systems security policies align with KR Policies.
• Apply advanced consulting skills and/or extensive technical expertise; full industry knowledge of cybersecurity engineering, cyber forensics, network security tools and technologies, cybersecurity policy, procedures, and workforce structure to design, develop, and implement recommendations for a secure enclave environment, and best practices.
• Investigate, monitor, and troubleshoot firewall-related issues including performance and connectivity problems and security logs to identify and respond to potential threats and vulnerabilities, conducting routine PAN OS checks for monitoring and analysis.
• Maintain detailed and accurate documentation of firewall configurations, changes, and network diagrams.
• Participate in security incident response activities, including the investigation, documentation, and remediation of security incidents, for incident response.
• Continuously monitor network traffic and firewall logs to detect and respond to security incidents.
• Direct prompt investigation and resolution of security incidents and breaches, maintaining meticulous documentation and stakeholder communication.
• Review Information Assurance Vulnerability Alerts/Bulletins (IAVA/B) related to Palo Alto products and develop and implement remediation plans.
• Identify opportunities for leveraging cloud technologies to improve operational efficiency, scalability and cost-effectiveness with the migrations of the AOC WS 10.1 system to the AppTX platform.
• Experience with AWS monitoring and optimizing performance using CloudWatch.
  • Monitor the KR AWS stack (applications, infrastructure, network, and services) and use alarms, logs, and events data to take automated actions and reduce mean time to resolution (MTTR).
  • Utilizing CloudWatch, monitor applications, respond to performance changes, optimize resource usage, and provide insights into operational health of the KR stack.
  • Publish log-based metrics, create alarms, and correlate logs and metrics together in CloudWatch Dashboards for complete operational visibility.
• Experience with AWS auditing, compliance monitoring and governance using CloudTrail.
  • Configure the logging of management events, data events, and CloudTrail Insights events IAW KR Policy.
  • Audit and monitor access control information about each action, including who made the request, the services used, the actions performed, parameters for the actions, and the response elements returned by the AWS service.
  • Ensure API calls made to every resource in their AWS account are recorded and written to a log IAW KR policy.

Generate reports to view, search, download, archive, analyze, and respond to account activity across KR AWS infrastructure. Identify who or what took which action, what resources were acted upon, when the event occurred, and other details to help you analyze and respond to activity in your AWS account IAW KR Policy.

Qualifications

Citizenship: Must be a US citizen

Minimum Required Qualifications

Clearance: Must have and be able to maintain a Secret Level Clearance

Preferred Qualifications

Education: Bachelor's Degree in a related field

Years of experience: 12 years of experience, 5 of which must be in the DoD

Additional Information

Location: Hanscom AFB, Bedford, MA

Travel: Travel may be required at the customer's discretion

Must be onsite at Hanscom AFB 3-5 days per mission requirements

#LI-MK1

Company Overview

Odyssey Systems Consulting Group, is an innovative small business committed to providing world-class technical, management, and training support services to government and public sector clients. We focus on people, processes, and performance to deliver superior results. Since our inception in 1997, our commitment to mission success and customer satisfaction has been recognized with exponential growth and exceptional past performance ratings. We accept challenging assignments and drive projects from the planning stages, through implementation, and into operations and support.

Please note: Final compensation for this position will be determined by various factors such as the Federal Government contract labor categories and contract wage rates, relevant work experience, specific skills and competencies, geographic location, education, and certifications.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities