• Computer Network Defense (CND) Senior Subject Matter Expert (RCC)

    # of Openings
    Systems Engineering
    Clearance Level
    TS/SCI with Polygraph
    US-AZ-Sierra Vista
  • Overview

    This position will support the mission to operate, monitor, secure, and sustain NIPRNet and SIPRNet CND services and shall provide CND services to CONUS users 24-hours a day, seven days a week. This position is pending contract award.


    Title of Position: Computer Network Defense (CND) Senior SME 


    Description of Position:

    • Develop Intrusion Protection System/Intrusion Detection System procedures; correlate and react to security events; perform first- and second-level triage; and forward suspicious activity.
    • Perform advanced systems administration for the enterprise sensor mission relative to platform architecture, configuration, lifecycle support, and technology refresh and infusion.
    • Develop and document disaster recovery procedures for managed CND systems, including IPS/IDS, system baseline tools, host-based systems and agents, server managers, applications, and remote management systems. 
    • Perform daily backups, implement system upgrades, and verify system configurations, accounts, and passwords conform to baseline standards.
    • Establish and maintain written procedures to set up, track, and document status and location of hardware and software for each baseline of sensors. 
    • Maintain, update, test, and implement signatures and policies for each baseline of sensors; changes must be approved through the established ITIL process.
    • Build, configure, and assist with implementation of newly fielded sensors that support missions.
    • Monitor all sensors and agents managed for security event analysis and response. Respond to a detected event and perform triage, ensure proper handling of the associated trouble ticket, and process events according to the CND SOP and appropriate TTPs
    • Maintain and update the triage database with current threat data and response methods.
    • Maintain and update SIM tool software rules for optimal detection of malicious or unauthorized activity. Report system incidents and problems according to CND SOPs and service level agreements.
    • Validate security event information from the ITSM ticket.
    • Provide data analysis as tasked.

    Normal operating core hours are Monday - Friday between 0600 and 1700, with potential flex time (rotational shift work or on-call duties). Must be available to work weekends and holidays, as required. 


    Clearance Requirement:

    • This position will require U.S. citizenship and an active DoD TS/SCI clearance
    • T5 investigation required.
    Education and Experience Required:
    • Minimum experience: ten (10) to twelve (12) years with a high school diploma, eight (8) to ten (10) years with an associate degree, six (6) to eight (8) years with a bachelor's degree, or four (4) to six (6) years with a master's degree. A certificate may count as one (1) year of experience. Degrees must be relevant to the industry. Bachelor's in Computer Science or relevant field preferred.
    • Experience working in a 24/7 environment, including shift work.
    • DoD 8570.01-M required certifications: CSSP-IS and IAM II 

    • CE Certification (Microsoft, Redhat, CISCO, etc. or equivalent)

    • IT Level I (per Army AR-25-2)
    • ITIL® v3 Foundations Certified within first 3 months of hire

    ProSync's executive team creates and expands business opportunities, recruits talented and intelligent technology professionals, and fosters a company culture that empowers ProSync professionals to shape and mold the direction of their careers and the direction of ProSync.


    Employees of ProSync Technology Group, LLC and applicants for employment shall be afforded equal opportunity in all aspects of employment without regard to race, color, religion, political affiliation, national origin, disability, sex, age, or marital status.


    Email for more specifics regarding the position.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed