Oneida Technical Solutions
  • West Point, NY, USA
  • 90-110K
  • Salary
  • Full Time

Medical, Dental, Vision, 401K w/matching, Paid Time Off (Sick/Vacation) and Holiday Pay


Oneida Technical Solutions (OTS) is a tribally-owned 8(a) certified IT Network and Telecommunications Services company, wholly owned and operated by the Oneida Nation of New York through Oneida Nation Enterprises, LLC. Headquartered in Oneida, New York, OTS is the direct parent company of Croop-LaFrance, Inc.

We are currently seeking a Cybersecurity Specialist to join our team at West Point Academy.

The contracted cyber technician assigned to support the Cybersecurity Branch mission must analyze general information assurance-related technical problems and provide basic engineering and technical support in solving them. The contractor will assist in the design, development, engineering, and implementation of solutions that meet network security requirements. The contractor will perform vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.

The contracted technician will be tasked with the following additional duties within their scope of work:


a) Firewall: Monitor multiple firewalls and Intrusion Prevention and Detection Systems for optimal performance, correct configuration, local events, and logging (remote and local). Review events to determine their impact, if any, and severity. Brief Cyber leadership on events of interest, incidents, and configuration issues. Incidents must be reported within time thresholds defined by the severity of the incident. Provide configuration recommendations to the Cyber and Implementation teams on ways to improve security without impacting mission requirements, including industry best practices. Evaluate proposed changes and perform impact analysis for each, validate that changes approved through the USMA Change Control process are correctly implemented, and monitor performance and security posture to confirm the change took effect without negative impacts. Make recommendations on the deployment of additional IDS/IPS systems and configurations to protect the WREN enclave.

b) Security Information and Event Management (SIEM): Monitor the CIOG6 SIEM product and multiple alerting systems within a number of cloud-based and local products, such as but not limited to Microsoft Office 365 and Microsoft Defender Advanced Threat Protection, and determine whether events are incident-related. Brief the Cyber team on incidents based on severity and impact. Ensure local systems are correctly logging to the SIEM product and work with infrastructure and system owners to assist as needed. Advise on policy tuning and baseline configuration tuning to reduce false alerts while ensuring true alerts are still captured, and recommend courses of action based on alerts. Recommend implementation procedures for automatic remediation processes and ways to streamline the alert remediation process based on alert type, frequency, impact, severity, and other criteria defined by G6 Cyber. Compile weekly, monthly, and annual reports highlighting alert and threat trends.

c) Endpoint Protection: Evaluate alerts from endpoint security reporting products, and SIEM alerts as they relate to endpoint security. Differentiate between actual alerts and false positives and make tuning recommendations to reduce the false-positive rate. Make recommendations on cloud-based security policies and local machine policies that can reduce the threat surface and increase overall security posture without impacting mission requirements. Assist with implementation as required. Assist the Cyber team with research into different settings and tools such as VMware and VirtualBox. Evaluate recommended changes for system impact, ability to implement, and security enhancement. Collect information from end users to determine whether an incident has occurred and perform initial incident information collection. Assist G6 Cyber with forensics or LE investigative tasks if required, but do not conduct investigative tasks independently. Maintain visibility on new configuration capabilities in bleeding-edge software releases, test changes in the lab, and make recommendations for security adjustments based on findings.

d) Vulnerability Management: Evaluate endpoint security posture against configured compliance baselines, make recommendations to G6 Cyber and the G6 CTO on changing baselines to enhance security without compromising mission functionality, and provide mission impact and risk analysis for any recommendation. Determine which software packages must be maintained at the enterprise level through enterprise patching in Software Center, and make recommendations to Cyber on patching priority. Assist the Enterprise and IT Support branches in defining package requirements and configuration in Software Center if required.

e) Assist Cyber Protection Teams by ensuring appropriate access is available for penetration testing of developmental applications and sites and for security assessment of production internal and external applications and websites. Coordinate with Cyber team leads and Enterprise Services leads to ensure the scope of each test is correctly defined. Assist the Cyber team in ensuring that the testing team understands the technologies in place and can be appropriately monitored. Assist the Cyber team in ensuring testing is limited to the items in question and that appropriate artifacts are captured before, during, and after tests. Ensure a roll-back plan, backups, and mitigation strategies are in place before any test is conducted, to maintain continuity of operations in the event of a system failure during testing. Conduct after-action meetings with Cyber and the Cyber Protection Teams and ensure a comprehensive After Action Report (AAR) is generated.

f) Develop a weekly open-source threat assessment evaluating the current threat landscape against products and services used in the WREN computing environment, highlighting specific critical or impactful threats. Understand changes in the computing environment and how threats could impact users both at West Point and throughout the world. Use Army data analytic and open-source or proprietary analytic platforms to provide broad-spectrum unclassified intelligence analysis of cyber threats.

g) Establish metrics to measure and evaluate information security performance. Define which metrics indicate a successful cybersecurity posture and refine those metrics as technology changes. Create automated measures of metric evaluation so that cybersecurity configurations and overall security posture are easily understood by the Cyber and G6 teams. Use metrics to define where additional focus is needed to mitigate existing and future risks. Help maintain the metrics and Common Operating Picture used by G6 leadership.

h) Monitor the Cyber mailbox and communications for incidents, perform remediation for items authorized by G6 Cyber, coordinate LE investigations, track DD2875 documents through the process, and answer questions regarding Cyber policy and procedures. Answer user and leadership questions on standards, policies, and procedures. Assist in automating repetitive tasks and processes to streamline Cyber operations. Track the annual re-evaluation of Cyber policies, guidelines, standards, and procedures, and perform updates as needed. Track privacy impact assessments and other related documentation and serve as staffing officer to ensure timely processing of document updates and signatures.

i) Design, conduct, and analyze the resulting data from a phishing program, based on the scientific method and designed to test the cyber education and posture of WREN users. Create longitudinal studies to determine the effectiveness of training programs and foundational educational experience at the Academy. Provide recommendations for educational and remedial training adjustments and evaluate courseware adjustments to ensure the correct educational goals are met.

j) Design, conduct, and analyze the resulting data from a meaningful Cyber Education and Professional Development training plan for WREN users, IT staff from all directorates, and privileged account holders, ensuring Army and DoD guidelines are satisfied and that the education and training exceed Army and DoD requirements from a content perspective. Create, measure, and evaluate metrics of success to determine where program updates may be required, and adjust training to fill identified gaps. Update training at least once annually so that new technologies and threats are captured and the training remains meaningful for all user groups.

Qualified candidates will have a minimum of 3 years of related experience in a cybersecurity role.

CISSP is desired, Sec+ or equivalent is required.

Strong knowledge of DOD/NIST standards required.

Oneida Technical Solutions, LLC. is an equal opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity, genetic information or any other protected characteristic under applicable law.


In compliance with the ADA Amendments Act (ADAAA), if you have a disability and would like to request an accommodation in order to apply for a position with our organization, please call 315-829-8967 or e-mail OTSJobs@ONEnterprises.com.
