Host Based Security Specialist (Trellix, Tanium, Carbon Black) with Security Clearance
Apavo Corp
2024-11-07 16:40:54
Reston, Virginia, United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Title: Host Based Security Specialist (Trellix, Tanium, Carbon Black)
Location: Reston, VA; Washington, DC; Northern Virginia National Capital Region
Clearance: TS/SCI w/CI Poly

Must be willing to travel up to 30%, including local travel within the National Capital Region (NCR) of Northern Virginia, Maryland, and Washington, DC.

Apavo is at the forefront of cybersecurity, providing services to military, defense, and critical infrastructure industries. Our vision of cybersecurity as a holistic, ongoing journey enables us to offer solutions that effectively mitigate risks and address vulnerabilities within any enterprise. As the cyber landscape continuously evolves, so do we, ensuring our services not only meet but exceed the ever-changing needs of our mission-critical clients. From compliance assessments and vulnerability analysis to comprehensive information system security management, Apavo's suite of services is designed to protect and serve the most sensitive and significant sectors of our society.

Joining the Apavo team means becoming part of a company rooted in the principles of integrity, quality, and communication. We value positive, candid interactions and the belief that everyone has valuable contributions to make. Apavo stands out for its commitment to a work-life balance and fostering a growth mindset among all team members. If you are looking to make a meaningful impact in the cybersecurity world while growing professionally in a supportive, dynamic environment, Apavo is the place for you.

Host Based Security Specialists play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC).
They conduct comprehensive assessments through detailed analysis of vulnerability scans to ensure compliance with Intelligence Community Directives (ICDs), IC Technical Implementation Guides (TIGs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 rev 5 security controls. Utilizing automated tools, including Tenable and Splunk, these professionals perform documentation reviews and employ checklists and guides to write reports and develop a qualitative risk assessment on target organizations. Their assessments examine the mission owners' critical capabilities and mission impacts if secure operations lack security protections needed to defend their cyber infrastructure and mitigate high-risk vulnerabilities to the enterprise. Beyond inspection duties, Technical Reviewers contribute to maturing organizational processes, training initiatives, and program-wide support through cross-functional collaboration.

Roles and Responsibilities

Host Based Security Specialists are integral to conducting inspections of environments across the Intelligence Community (IC). They are responsible for:
- Interacting with leadership and site technical staff in advance of conducting inspections to facilitate scoping, data to support security controls assessment input, and execution of operational inspection plans
- Interviewing organizational subject matter experts in conducting STIG, SRG, and IC policy checklists
- Collecting data in support of reviewing a comprehensive Threat Informed Critical Controls List (TICCL), and providing written input on review of required security controls, potential vulnerability exploitation, and how MITRE ATT&CK techniques are plausibly successful based on organizational weaknesses.
  Ensure inputs link back to security controls.
- Participating in the planning, execution, and reporting of security audits and network vulnerability assessments with minimal supervision
- Assisting in preparation of assessment deliverables: Security Risk Assessments input, compliance data, STIG data, etc.
- Communicating on impact of vulnerabilities verbally, through presentations and written deliverables
- Plan, execute, and report on information technology, privacy, and operational reviews to identify mission, privacy, security, compliance, information technology, and regulatory risks
- Familiar with a variety of cybersecurity concepts, practices, and procedures. Relies on extensive experience and judgment to plan and accomplish goals

Required Qualifications

Experience: A minimum of twelve (12) years of experience or the equivalent combination of education, professional training or work experience. At least five (5) years of experience in system administration, specifically with HBS platforms such as Trellix. Experience including other platforms such as Tanium and Carbon Black is a tremendous asset. in Cyber/Information Assurance, with a comprehensive understanding of cybersecurity disciplines including but not limited to the Risk Management Framework, DevSecOps, and cybersecurity engineering. Demonstrate ability to create Trellix reports and dashboards.

Familiarity with:
- McAfee/Trellix Modules: VirusScan Enterprise (VSE), Endpoint Security (ENS), Data Loss Prevention (DLP), Asset Configuration Compliance Module (ACCM), Rogue System Detection (RSD), Policy Auditor (PA), and others as required
- IDS/IPS rules
- DoD/IC Mandated Security Configurations
- File Integrity Monitoring
- HBSS Industry Best Practices
- Experience developing or reviewing policy for ENS Firewall, application whitelisting, intrusion prevention, DLP, and VSE exclusions.
- ENS Signatures
- SQL Database administration experience
- Server administration experience

Education: Bachelor's degree in Computer Science or related technical discipline.
Certifications: DoD 8570.01 IAT Level III certification
Skills: Strong independent work ethic (auditor mentality), exceptional oral and written communication skills, and the ability to work unsupervised.

Preferred Qualifications

Technical Proficiency: Experience in engineering and operations & maintenance of enterprise HBSS platforms (e.g., Trellix).
Advanced Skills: Proficiency in using advanced vulnerability assessment and reporting tools such as Tenable, Splunk, and Tableau.
Interdivision Collaboration: Demonstrated ability to operate across departments to implement cybersecurity principles effectively.
Multitasking and Time Management: Capable of multitasking with efficient time management and possessing a comprehensive understanding of cyber threats, vulnerabilities, and network security methodologies.

If you are looking to make a meaningful impact in the cybersecurity world while growing professionally in a supportive, dynamic environment, Apavo is the place for you. Apply today to become a part of our dedicated team and help protect the most sensitive sectors of our society.

Apavo Corporation is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. Apavo Corporation takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.