THE CENTECH GROUP

Lead Enterprise Scripting Engineer

US-GA
Job ID
1985

Overview

THE CENTECH GROUP, Inc. (CENTECH®) is seeking a Lead Enterprise Scripting Engineer at Robins Air Force Base (AFB), Georgia. The person in this position will implement and maintain thorough vulnerability management programs to include creating/executing scripts (preference to PowerShell) to comply with tasking orders, remediation of client and server vulnerabilities, and general purpose scripts. They will establish and execute scripts, plans and executes strategies to comply with the approximately 40 Cyber tasking orders monthly. They will establish and execute scripts, plans and executes strategies to remediate the approximately 240,000 vulnerabilities (on average) across the 25,000 workstations and 800 servers in Air Force Reserve Command (AFRC).

 

This bid position is contingent upon award and the qualified candidate may be selected as key personnel.

 

 

Responsibilities

  • Establish and execute scripts, plans and executes strategies to comply with the approximately 40 Cyber tasking orders monthly
  • Establish and execute scripts, plans and executes strategies to remediate the approximately 240,000 vulnerabilities (on average) across the 25,000 workstations and 800 servers in AFRC
  • Educate and facilitate vulnerability management with Program Management Office (PMO) and non-PMO system owners to include sharing and executing scripts, if requested
  • Design and execute other methods, as required, to facilitate vulnerability management
  • Ensure Non-classified Internet Protocol (IP) Router (NIPR)/Secret IP Router (SIPR) Severity Category Codes (CAT) vulnerabilities for each assigned server does not exceed AFRC, U.S. AIr Force (AF), Defense Information Systems Agency (DISA), or U.S. Department of Defense (DoD) vulnerability thresholds; must be < 2.49 vulnerabilities per each assigned server
  • Server administrators will implement AF Maintenance Tasking Orders (MTOs), Time Compliance Network Orders (TCNOs), and Contract Change Orders (CCOs) by established deadlines with 95% compliance for MTOs; 100% compliance for TCNOs and CCOs. All non-compliant MTOs will be corrected within five (5) days
  • Comply with Command Cyber Readiness Inspection (CCRI) evaluation criteria [e.g., Security technical implantation guides (STIGs) and Computer Network Defense (CND) Directives] include these overarching categories:
    • Technology - Includes (not inclusive) infrastructure, Assured Compliance Assessment Solution (ACAS) scans, traditional security, wireless
    • CND Directives - U.S. Cyber Command issued directive compliance (e.g., compares network admin accounts to 8570 certification tracking)
    • Contributing Factors - More policy driven similar to self-inspection compliance 
  • Identify improvements for processes and procedures, and introduce automation to improve
  • Participate in design and implementation activities emphasizing supportability, maintainability, scalability, performance and overall quality
  • Support innovative cloud-based solutions from the virtualization layer up through the software-defined and cloud management platform stacks
  • Establish a near real-time, AFRC-wide comprehensive single screen presentation (e.g., single pane of glass or dashboard) to facilitate CCRI preparedness, situational awareness, remediation actions, better understanding of issues in the operational environment, etc.
    • Provide drill-down capabilities in the presentations, to include by-base and by function drill-down capability according to CCRI criteria
  • Implement and maintain thorough vulnerability management programs to include creating/executing scripts (preference to PowerShell) to comply with tasking orders, remediation of client and server vulnerabilities, and general purpose scripts
  • Establish and maintain visibility and tracking of compliance with CCRI evaluation criteria

Qualifications

  • Bachelor’s degree and a minimum of eight (8) years’ experience
  • Experience may substitute for Bachelor’s degree (depending upon specific position)
  • Technical experience in AFNet
  • Technical experience utilizing PowerShell
  • Technical experience remediating Windows Server 2008RS and newer
  • Technical experience utilizing SCCM
  • Technical experience remediating Microsoft-based Windows workstations
  • DoD 8570 IAT Level 3 certification is required (one of following) - Certified Information Systems Auditor (CISA), GIAC Certified Incident Handler (GCIH), GIAC Certified Enterprise Defender (GCED), CompTIA Advanced Security Practitioner (CASP) CE, Certified Information Systems Security Professional (CISSP) or Associate

THE CENTECH GROUP, Inc. is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. EOE/M/F/Disabled/Veteran

 

 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed