Sr. Windows Admin (SIEM Systems) (IMC00632)
Dependent on qualifications
Mandatory Job Requirements:
Applications Accepted By:
Email: Michelle Might, Corporate Recruiter, email@example.com
Email Subject Line: Sr. Windows Admin (SIEM Systems) (IMC00632)
The position is responsible for system administration and support of all aspects of Joint Warfare Analysis Center (JWAC) auditing and network security monitoring systems. This is not a System Incident and Event Monitoring (SIEM) analyst position; the senior Windows administrator will serve as a member of the cybersecurity team supporting the SIEM systems as a Windows administrator. JWAC provides combatant commands, the Joint Staff, and other customers with effects-based analysis and precision targeting options for selected networks and nodes to carry out the national security and military strategies of the United States during peace, crisis, and war.
Job Duties: Responsibilities include but are not limited to:
- Provide senior-level server maintenance and troubleshoot system errors for SIEM systems, audit log collectors, and Windows and Linux logging tools. (LogRhythm is the current SIEM tool.)
- Apply knowledge of SIEM management tools such as LogRhythm to support all aspects of JWAC cybersecurity as the basis for the auditing and network security monitoring capability.
- Provide input for, and maintain, Standard Operating Procedures (SOPs) and provide documentation of service workflows, system configurations, and routine tasks.
- Operate, administer, and upgrade computer systems, devices, and software to include configuration, provisioning for use, integration with storage and networking, load balancing and optimization, patching, software installation, updating, backup, restoration, and electronic and manual data transfer.
- Deploy software which includes scheduling, executing, and troubleshooting the deployment of software applications.
- Deploy security patches which includes scheduling, executing, and troubleshooting the deployment of security patches.
- Provision and deliver computer systems and services.
- Maintain computer systems in a fully operational state through monitoring, alerting, troubleshooting, and performing repair and restoration activities to a compliant operational state.
- Perform periodic reporting of system status to include uptime, incidents, problems, and open issues, etc.
Required Qualifications: Note: These are mandatory items that all candidates must have when making application to IMC for this position. Please ensure that your submission addresses each of these requirement items. Candidates without these required elements will not be considered.
- At start date must possess a CompTIA Security+ certification in ACTIVE status (alternative DoD 8570 IAT II or III certifications are acceptable).
- Minimum of five years of experience supporting the following:
  - Windows server administration within a DoD environment, OS administration related to log messages, and firewall messages.
  - Windows 11, Linux, and Microsoft Windows Server 2022 administration log messages.
  - Network and firewall logs (Palo Alto is preferred).
  - Automation using either Puppet, PowerShell, Cloudbolt, or Ansible.
  - SIEM solutions.
  - AWS (preferred) or Azure Cloud technologies.
- Internal drive to figure out complex challenges and answers without giving up.
- Strong analytical and problem-solving skills.
- Excellent communication and interpersonal skills.
- Self-motivated and ability to stay focused.
- After start date, must pass JWAC Privileged User Exam.
- Pursuant to a government contract, this specific position requires U.S. Citizenship.
- All applicants must have current DoD TS/SCI clearance eligibility day one and prior to entry on duty.
Desired Qualifications and Skills: It is desirable that the candidate has the following qualifications:
- LogRhythm (highly preferred).
- Former Air Force experience as military, government, or contractor.
- Knowledge of Splunk and QRadar.
Innovative Management Concepts, Inc. (IMC), a Service-Disabled Veteran-Owned Small Business, provides a broad range of information technology (IT) services to government and commercial customers by placing a high priority on modernization, enhancing business processes through technology, and creating efficiencies through automation. Since its founding in 1989, IMC has offered solutions and expertise in: IT operations and maintenance, data management, cyber security, systems and network engineering and administration, cloud/hosting services, software development, website services, software quality assurance and testing (including IV&V), and project management. IMC is certified in International Organization for Standardization (ISO) 9001 Quality Management, ISO 27001 Information Technology Security Management, ISO 20000 Information Technology Service Management, and ISO 14001 Environmental Management System. Committed to continuous improvement and information security, IMC has been appraised at level 3 of the CMMI Institute’s Capability Maturity Model Integration for both Development and Services, and we are CMMC Level 2 (Ver 2.0) compliant. Find out more about IMC at www.imcva.com.
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, protected veteran status, or any other characteristic protected by law.