BTAS, Inc.

Cyber Security Analyst

BTAS, Inc. O'Fallon, IL

Christina Sterkenburg

Talent Acquisition Specialist

Position: Information Network Operations (Boundary Defense) Web Application Firewall

Location: Scott AFB, IL

Security Clearance Required: Secret

Position Type/Standard Work Hours: Full-time/40 hours per week/On-site

Summary/Objective:

The Cybersecurity Boundary Defenses role supports the United States Transportation Command (USTRANSCOM) Cyberspaces Operations Forces (COF), located at Scott Air Force Base (AFB), IL.


The COF’s mission is to provide Department of Defense Information Network (DODIN) Operations, defensive cyber operations-internal defensive measures, and overall cyberspace operations in support of USTRANSCOM network systems and missions. COF provides mission-tailored, joint capability packages to Combatant Commanders to facilitate rapid establishment of Joint Force Headquarters, fulfill Global Response Force execution and bridge joint operational requirements.


This role will protect against, defend, and respond to suspicious or malicious cyber activity across the USTRANSCOM enterprise and provide responsive IT service delivery by performing installation of cybersecurity defense tools IAW USTRANSCOM processes (e.g., change management and Risk Management Framework (RMF)). This includes:

  • Requesting/coordinating hardware/software procurement (including lifecycle upgrades).
  • Performing project management (e.g., using government-provided requirements management tools and schedules).
  • Building and configuring systems to be Information Assurance Vulnerability Management (IAVM) and Security Technical Implementation Guide (STIG) compliant.
  • Performing functional testing.
  • Developing system assessment and authorization documentation, requesting security evaluations, and resolving findings; and performing operational deployment.


Primary Responsibilities:


Daily Operations and Maintenance:

Perform day-to-day operation of cybersecurity defense activities and operation and maintenance of the associated tool suites IAW USTRANSCOM Configuration and Change management processes. This includes, but is not limited to the following:

  • Maintain the existing configuration and integrity of the cybersecurity defense tool suites IAW applicable DOD, USCYBERCOM, JFHQ DODIN, DISA, and USTRANSCOM policies and instructions (e.g., firewalls, web application firewalls, and proxy services).
  • Request ASIs.
  • Utilize the USTRANSCOM tool suites and capabilities, install firmware patches and upgrades, and ensure tool suites are up to date on security vulnerability patches.
  • Perform tuning and optimization tasks to include appliance rule review and log aggregation/visibility.
  • Operate and maintain a service assurance capability for cybersecurity defense service tools.
  • Ensure Business Continuity Management (BCM) plans are in place, executable, and followed for cybersecurity defense operations (including storage of authentication credentials and backups) IAW USTRANSCOM’s Continuity of Service Plan.


Maintain, and enhance where necessary, the security posture of USTRANSCOM’s network environments. This includes, but is not limited to the following:

  • Provide risk-based recommendations to the government related to change requests for cybersecurity defense configurations (e.g., firewall rules, proxy service exceptions, WAF rules).
  • Modify cybersecurity defense tools at the direction of the Government (e.g., firewall rule modifications, proxy service modifications, Demilitarized Zone (DMZ) architecture).
  • Perform quarterly reviews of implemented cybersecurity defense filtering rules, exceptions, and log availability and content.
  • Implement approved DoD whitelist/Boundary Cloud Access Point (BCAP) exceptions for USTRANSCOM cybersecurity defense tools, to include registration and validation of entries in the whitelist for connections required to support USTRANSCOM cybersecurity defense tool suite operations.
  • Maintain WAF compliance with USCYBERCOM & JFHQ-DODIN requirements.
  • Develop/maintain WAF rule sets to ensure secure USTRANSCOM Command and Control communications and minimize impact to host applications.
  • Create and maintain CSSP infrastructure diagrams IAW current ESM and RMF requirements; provide updated diagrams to the government at a minimum of semi-annually.
  • Troubleshoot user and program related issues associated with cybersecurity defense infrastructure tools and provide recommendations to the government for resolution specific to firewall, proxy services, and web application firewall capabilities.
  • Provide compliance data to government in response to USCYBERCOM/JFHQ DODIN orders; develop and update Plans of Action and Milestones (POA&Ms).
  • Submit requests for exemption to policy/direction that cannot be complied with IAW prescribed DoD policy/instruction.


Document changes to cybersecurity defense tools (e.g., firmware installs, patching, firmware configuration changes) in a maintenance log and provide configuration management data on all managed systems to the government monthly.


Ensure changes impacting Ports, Protocols, and Services Management (PPSM) are properly documented—IAW USTRANSCOM Configuration and Change management processes and RMF requirements—prior to implementation at the boundary.


Metrics and Process/Procedure Documentation:

Collect and provide the Government with monthly metrics on cybersecurity defense activity to include:

  • List of cybersecurity defense tool rule/policy modifications implemented (e.g., firewall, proxy services, web application firewall capabilities).
  • Uptime statistics based on service availability for cybersecurity defense tools (e.g., firewalls, proxy services, and web application firewalls) based on service assurance monitoring.


Maintain current documentation on cybersecurity defense processes and procedures and provide the following deliverable documents to the government IAW the assigned suspense dates:

  • USTRANSCOM Firewall SOP & associated checklists.
  • USTRANSCOM Web-Proxy Services SOP & associated checklists.
  • USTRANSCOM Web Application Firewall (WAF) SOP & associated checklists.



Required Education and/or Experience:

  • Must be a U.S. Citizen.
  • Must possess an active DoD Secret clearance.
  • Must have five (5) or more years of relevant cybersecurity experience.
  • Must possess an IAT-II Baseline Certification (example: Sec+ CE).
  • Must possess or acquire CSSP Analyst and CSSP Incident Responder Certification (within 6 months of hire).
  • Must have experience with Web Application Firewalls, Palo Alto firewalls, and proxy servers.


Supervisory Responsibilities:

This position does not supervise the work of others.


Work Environment:

This job operates in a professional office environment. This role routinely uses standard office equipment.


Physical Demands:

Must be able to operate a computer and other standard office equipment.


Travel:

Very little.


Other Duties:

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and/or activities may change at any time with or without notice.


BTAS Benefits:

A comprehensive benefits program, including paid time off, federal holidays, health coverage, and a 401K plan with generous company match, is offered to all full-time employees.


AAP / EEO Statement:

BTAS is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.


BTAS is an E-Verify program participant.

  • Seniority level: Mid-Senior level
  • Employment type: Full-time
  • Job function: Information Technology
  • Industries: Defense and Space Manufacturing and Defense & Space
