Principle Analyst, Information Security SME (MacAfee/Trellix)

Principal Duties and Responsibilities:

An I2TS 3 Subject Matter/ Functional Expert:

• Demonstrates technical proficiency in various McAfee Endpoint and Network products; has the ability to write technical documentation and briefings; is familiar with mitigation strategies for various cyber threats; and has the ability to provide knowledge transfer to customer staff for deployed McAfee product sets.
• Configure, operate, and maintain DISA mandated Host Based Security System (HBSS) , and on components for Windows, Solaris, and Linux systems
• Host Based Security System (HBSS) implementations including the configuration and monitoring of HBSS Fragmentary Orders (FRAGO)
• Coordinate complex requirements across multiple, parallel development programs to systems availability and ensure IAVA/M and STiG compliance
• Possess ability to implement policy, assign responsibilities, and prescribe procedures for applying integrated, layered protection of the systems and networks
• Correlate and analyze data for severity and validity, generate reports identifying security vulnerabilities and instructions for corrective action, maintain a standard vulnerability assessment tool set and reporting mechanisms to ensure compliance
• Perform system administration on HBSS servers, including ePolicy Orchestrator upgrades and client product patching
• Deploy and sustain the full capabilities of the HBSS to all enterprise-wide managed systems including, but not limited to McAfee Endpoint Security (ENS) deployments, policy enforcement, reporting and compliance
• Monitor for and ensure Security Technical Implementation Guides (STIG) compliance, security, and performance
• Support Information Assurance (IA) personnel to assure security architecture, design, and implementation is in accordance with DOD Regulations
• Determine how best to leverage HBSS (and associated products e.g. ENS) to meet the strategic goals of the Customer
• Participate in the development of specific content necessary to meet the Customer’s security operations goals, to include: the formation of content-specific queries, templates, reports, rules, alerts, dashboards, and workflows
• Integrate data and event feeds with Organizational Security Information Event Management Systems such as SPLUNK as required
• Review policies and exceptions for the various HBSS modules and provide best practice recommendations and documentation
• Ability to configure, administer and maintain McAfee Threat Intelligence Exchange (TIE/DXL), Advanced Threat Detection (ATD), Enterprise Security Manager (ESM) and Endpoint Detection and Response (EDR)
• Provide systems engineering expertise to analyze mission system requirements for integration and operation of HBSS infrastructure suites. Plan installation and configuration of tool suite implementations.
• Develop test plans and test cases for evaluation of HBSS implementations. Participate in unit, system, and integration testing and analyses and mitigate test findings mapped against these implementations.
• Contribute to the system documentation for mission systems incorporating HBSS software and functions.
• Facilitate the cohesive and coordinated rapid transition of mission for GISA systems to operational environments.
• Provide support and input for the generation of documentation for fielding the McAfee HBSS modules required to support the current fielding
• Provide troubleshooting and system/problem resolution to ensure successful rollout of the HBSS implementation
• The HBSS SME will also be required for initiating the change control process to account for any deviations to the project plan

Desirable Skills / Experience:

• McAfee Security HBSS, System Administration, Network Administration, Network Security, and Threat Assessment
• Ability to implement, configure and maintain McAfee Endpoints via ePolicy Orchestrator (ePO) and Network based solutions such as Threat Intelligence Exchange (TIE/DXL), Advanced Threat Detection (ATD), Enterprise Security Manager (ESM), and Endpoint Detection and Response (EDR)
• Experienced in the installation, configuration, use, and trouble-shooting of current versions of Host Based Security System (HBSS) suite software applications and such as McAfee Agent (MA), VirusScan Enterprise (VSE), VirusScan Enterprise for Linux (VSEL), Data Loss Prevention (DLPe), Policy Auditor (PA), Host Data Loss Prevention (HIPS), McAfee Application Control (MAC) and McAfee Endpoint Security (ENS)
• Experience in a rapid paced, time sensitive, high quality environment
• Strong written and verbal communication skills along with strong customer service
• Ability to multi-task, prioritize commitments, and manage time effectively including attention to detail
• Proficient with Microsoft Office applications like Outlook, Word, Excel, Project, PowerPoint, Visio, and SharePoint

Education Required:

• High School diploma/GED with 12-years of related experience, or Associate's degree with 10-years of experience, Bachelor's degree with 8-years of experience, Master’s degree with 6-years of experience

Certification(s): 

• DoD 8570.01-M IAT Level II Computing Environment (CE) Certification as determined by the Program Manager is required prior to support on contract
• Required Baseline/Security Environment Certification: CompTIA Security+ CE or equivalent
• Desired Certification(s): DISA HBSS Admin Course; Certified McAfee Specialist ePO (CMSS-ePO); Certified McAfee Specialist HIPS (CMSS-HIPS)

Security Clearance:

• TS/SCI required

Additional:

• Candidates must be willing and able to attain a CI Polygraph for certain positions as determined by the contract