Software Systems Engineer Intm

Vectrus has an immediate need for a Software Systems Engineer to provide Information Technology (IT) support services to a customer in Honolulu, HI. Personnel will conduct Defense Cyber Operations – Internal Defense Measures (DCO-IDM) to defend against unauthorized activity on supported networks. Support will be onsite.DUTIES INCLUDE:Network Infrastructure Security: Perform penetration testing (PT) and vulnerability testing IAW ARCYBER and RCC-P/DCO-Division Chief guidance and established Best Business Practices (BBPs), regulations, policies and procedures. Utilize known adversarial and other techniques such as Initial Operational Tests to identify existing adversary cyberspace attack vectors. Based on findings, prepare information briefs, white papers, and recommendations to provide Command visibility of the vulnerability, and to enhance the security posture of the networks.Defense in Depth Technologies and Procedures: Assess common Defense in Depth Technologies and Procedures for Post/Camp/Station (P/C/S) security enclave metrics, trends and analysis. Conduct Network Assistance Visits (NAV) IAW established BBPs, regulations, policies and procedures as requested by the TM and approved by the COR. NAVs may entail security testing, threat briefs, and user/leadership training on DCO topics. Findings from the NAV shall be used to produce follow-on information briefs, white papers, training requirements, and recommendations to the requesting command.New Technologies, Software Applications, and Network Devices: As directed or for the purpose of meeting a specific DCO-IDM requirement, assess new technologies and devices relevant to DCO-IDM. Technologies related to Penetration Testing will be vetted in accordance with 1st Information Operations Command and RCC-P SOPs and TTPs. Determine if technology or device will support/satisfy new requirements, positively enhance the analysis process and security posture of the networks, integrate into existing DCO-IDM architecture and tools sets, and can be properly accredited and authorized for use in the respective AOR. Upon completion of the assessment, information briefs, white papers, and recommendations will be provided to RCC-P leadership of final evaluation and determination of a course of action.Network and System Assessments: Detect systemic DCO vulnerabilities on the networks; Execute persistent PT utilizing approved guidance and tools. Emulate TTP’s employed against the Army Networks, routinely target and assess enterprise (Army managed) level systems and network architecture to identify exploitable points of entry into Army networks and systems. Results of each assessment (on- going) will be used to determine best method of mitigation or continued monitoring. Findings will be briefed routinely to the network/systems owner (or Approving Official (AO) or ISSM).Network Damage Assessment: Deploy an Incident Response Team (IRT) (as determined and approved by the COR and establish incident response TTPs) with appropriate equipment required to successfully perform a Network Damage Assessment as outlined in AR 380-53. The intent of the Network Damage Assessment is to discover and mitigate negative effects for suspected and confirmed compromises of DoD networks, maintain, and update policies and procedures following each submission. The assessment shall consist of: a) Gathering host logs from compromised system(s)b) Conducting on-site scans with an anomaly detection tool to determine width of incident)c) Incident handling on-site for newly identified compromised systemsd) Assist on-site administrators with securing affected network(s)e) Assist in clean up as required)f) Provide daily updates on situational awareness to leadership/pertinent agencies)g) Prepare final Network Damage Assessment report)h) Publish and maintain Network Damage Assessment TTPsi) Coordinate Network Damage Assessment efforts with ARCYBER and affected organizationsPenetration Testing (PT): Evaluate new PT TTPs (new tool usage or adversary TTP) as required for inclusion on approved PT tools list and maintain PT TTPs and tools. Document training and use of all vetted PT tools.Situational Awareness of evolving cyberspace threat trends: Participate in CONUS/OCONUS Information Technology Security Seminars/Training events (i.e. Black Hat, Defense Readiness Condition (DEFCON), Armed Forces Communications and Electronics Association (AFCEA), etc.); Provide relevant technology feedback and forecasting of potential cyberspace threats to supported activities.Report incidents to law enforcement and counterintelligence agencies: Maintain an up-to- date Point of Contact (POC) list for Law enforcement and Counterintelligence (LE and CI) agencies as routinely provided by Computer Crimes Investigative Unit (CCIU) and Cyber Counter Intelligence agencies. All incident reports are provided to LE and CI. In cases where an active investigation will be opened, analysts will coordinate subject matter expertise and assistance to LE and CI per Army Regulation AR 25-2, Chairman of the Joint Chiefs of Staff Manual (CJCSM) 6510, and local incident handling procedures. LE and CI agencies will provide written request in accordance with local TTP that will include as a minimum the official case number and include specific data logs and information required. Expertise and support to be provided consists of providing required data along with a summary or analysis of the data. Data and answers provided in the analysis shall pertain specifically to requirements in the LE and CI official request or within the RCC-P TTPs. (i.e. do not provide data or answers to anything not specifically requested by LE and CI).Attend ARCYBER Cyber Operations (CO) meetings, conferences, and working groups worldwide: Attend local and distant meetings, conferences and working groups prepared to discuss and provide advice regarding CO issues and provide assessment of impact on supported operations; Support the official position of the organization in line with DoD doctrine and local guidance; Document via trip reports listing participants and describing topics of discussion, decisions and action items upon completion of the event.Synchronization: Synchronize operational information within the organization and with external organizations: Maintain accurate status on all organization and parent organization operations, training, visitor, and briefing requirements; Synchronize CO supporting Geographic Combatant Command.MINIMUM QUALIFICATIONS AND EXPERIENCE:Bachelor's Degree in a related field, preferred.Knowledge and minimum 2 years of experience in Software Systems Engineering.Technical skills in implementing, maintaining, troubleshooting and upgrading Windows Workstation desktops, and all Windows Servers and LAN.Experience with Cybersecurity Service Provider (CSSP) periodic inspections.Experience with Army Cyber Security (CS) guidance and regulations.REQUIRED EDUCATION AND CERTIFICATION:Must meet at least one baseline certification under CSSP-IS (SSCP/CEH)Must have a Windows Server 2012 certification.CITIZENSHIP/CLEARANCE:Must be a US citizen.Must have a TS/SCI clearance.Job: Information TechnologyTitle: Software Systems Engineer IntmLocation: HI-HonoluluRequisition ID: RCC000011Clearance Level required at Start Date: TS/SCITravel: Yes, 5 % of the TimeWe are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.