Systems Admin - Cisco Email / Messaging Security / SPLUNK / Ironport - Active Top Secret required

Clearance Level
Top Secret
Category
Systems Engineering
Location
Washington, District of Columbia

REQ#: RQ127202

Travel Required: 10-25%
Public Trust: None
Requisition Type: Regular

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

  • Configure and maintain the email security solution to provide protection against spam, viruses, phishing attacks and other threats using email as the vector of attack. The current solution is the Cisco Email Security Appliances (ESA). Continuous updates of the threat definition profiles is expected. Application of patches and hotfixes are required in order to maintain the highest level of security on the systems. Multiple ESAs are configured in each site and across multiple sites to provide the highest rate of delivery possible. Message traffic can reach levels over 500,000 per day with thousands to tens of thousands of malicious message attempts. The Government expects to migrate to the latest version within 18-24 months of release and potential for migration of users and data to off premises service provider.  

  • Background in SPF, DKIM, DMARC and TLS.  Develop and write Content and Message filters for specific security requirements. 

  • Maintain a 99.99% fully mission capable rate/ uptime for the email security platform. The mission capable rate shall be measured by the Government provided monitoring solution. The current monitoring platform is Solarwinds Orion and SPLUNK. The mission capable rate shall be calculated on a monthly basis and shall be included with each submission of the Monthly Status Report.

  • On a quarterly basis, provide a status and configuration assessment of the ESA platforms, to include message delivery counts, malicious message quarantine estimates and platform operational status. The assessment shall be submitted quarterly. 

  • Maintain a 90% compliance rate for vulnerability management and security compliance. Provide a quarterly vulnerability and security compliance status reports based on scans provided by internal sources, currently Tenable Nessus, citing the current vulnerability levels and security guidance compliance.

  • Within 90 days of a new release, provide a service migration plan. The service migration plan shall include hardware and software requirements, update or upgrade requirements, risk and mitigations, test plan with timeline, and overall recommendations. 

Clearance Requirements:

Current Top Secret security clearance with SSBI conducted within the last 51 months is required.

Required :  DOD 8570-compliant cert (Sec+, Net+, CISSP, etc.)

  • Understanding of using SPLUNK as a trouble shooting tool and the creation of dashboards and early warning alerts.

  • Cert in Admin SPLUNK preferred

  • ESA basic level course taught by Cisco.

  • A med-level understanding of scripting and regular expression to create ESA filters.

  • Back ground in Linux

  • Ironport experience

#GDITpriority

#SysAdminCareers

#createyourcareer


About Our Work

We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.

COVID-19 Vaccination

GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.

GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.