Cybersecurity Systems Administrator
Tampa, FL
PingWind
Description
As the Cybersecurity Systems Administrator, you will provide cyber technical support for Cyber Operations Security Operations Center (CSOC). Support will consist of configuring, tuning, optimizing, and maintaining critical security infrastructure to safeguard the organization's digital assets against evolving cyber threats. You'll be responsible for overseeing the operation and maintenance of essential cybersecurity systems, including Security Information and Event Management (SIEM), Endpoint Detection Response (EDR) systems, network access control (Forescout), and Security Orchestration, Automation, and Response (SOAR) platforms.
Qualifications
· Proficiency in Linux environments, including system administration tasks and shell scripting for automation and customization.· Solid understanding of cybersecurity principles, threat landscapes, and best practices for configuring and tuning security tools.· Strong analytical skills and attention to detail, with the ability to troubleshoot complex technical issues and optimize system performance.· Excellent communication and collaboration skills, with the ability to interact effectively with technical and non-technical stakeholders.· Demonstrated ability to work independently, prioritize tasks, and meet deadlines in a dynamic and fast-paced environment.
Responsibilities
Configuration and Optimization:· Collaborate with cybersecurity stakeholders to define and implement effective configurations for SIEM, EDR, and network access control solutions.· Customize and optimize alert rules, correlation searches, and detection mechanisms within SIEM to align with security requirements and organizational objectives.· Deploy new SIEM instances including clustered deployments and apps.· Fine-tune EDR policies, rulesets, and scanning parameters to enhance endpoint visibility and threat detection capabilities.· Configure network access control policies within Forescout to enforce security posture and mitigate risks associated with unauthorized devices.· Ability to support Linux environment, editing and maintaining Splunk configuration files and apps.· Work with other Cybersecurity Engineering team members and will be required to interact with end users to gather requirements, perform troubleshooting, and provide assistance with the creation of Splunk search queries and dashboards.· Integrate cyber tools with variety of legacy data sources.Maintenance and Support:· Conduct routine maintenance tasks, such as software updates, patches, and performance tuning, to ensure the reliability and efficiency of cybersecurity systems.· Provide timely support and troubleshooting assistance to address issues and incidents related to SIEM, EDR, Forescout, and SOAR platforms, collaborating with vendors or higher-level support as necessary.· Perform regular system audits and health checks to identify vulnerabilities, misconfigurations, or performance issues, implementing corrective actions as needed.· Provide occasional presentations of tool capabilities to leadership
Policy Development and Compliance:
· Develop and enforce configuration standards, security policies, and operational procedures for cybersecurity systems, ensuring compliance with regulatory requirements and industry best practices.· Monitor compliance with security policies and regulations through audits, assessments, and reporting activities, taking corrective actions to address any deviations or gaps.· Collaborate with compliance and audit teams to streamline regulatory compliance efforts and demonstrate adherence to security standards.· Integration and Automation:· Integrate cybersecurity systems with other security controls, data sources, and IT infrastructure components to create a cohesive security ecosystem.· Develop and maintain automation scripts, playbooks, and workflows within the SOAR platform (Swimlane) to automate routine tasks, orchestrate incident response processes, and enhance operational efficiency.· Explore opportunities for innovation and continuous improvement by leveraging automation, orchestration, and integration with emerging technologies and industry trends.
Training and Knowledge Sharing
· Provide training sessions and document processes to empower internal teams with the knowledge and skills required to effectively utilize cybersecurity systems.· Share expertise, best practices, and lessons learned with colleagues through formal and informal channels, fostering a culture of collaboration and knowledge sharing within the cybersecurity team.
Required Qualifications
· TS-SCI· Five plus (5+) years’ experience in cybersecurity administration, with a focus on configuring and managing SIEM, EDR, network access control, and SOAR platforms· Bachelor’s degree in Information Systems, Computer Science, Computer Engineering, or another related fieldRelevant certifications (e.g., Security+, CISSP, GIAC, Splunk Core Certified Power User)
Desired Qualifications
· Prior CENTCOM experience
About PingWind
PingWind is focused on delivering outstanding services to the federal government. We have extensive experience in the fields of cybersecurity, development, IT infrastructure, supply chain management and other professional services such as system design and continuous improvement. PingWind is a VA CVE certified Service-Disabled Veteran-Owned Small Business (SDVOSB) with offices in Washington DC and Northern Virginia. www.PingWind.com
Our benefits include:
Paid Federal HolidaysRobust Health & Dental Insurance Options401k with matchingPaid vacation and sick leaveContinuing education assistanceShort Term / Long Term Disability & Life InsuranceEmployee Assistance Program through Sun Life Financial EAP Guidance Resources
Veterans are encouraged to apply
PingWind, Inc. does not discriminate in employment opportunities, terms, and conditions of employment, or practices on the basis of race, age, gender, religious or political beliefs, national origin or heritage, disability, sexual orientation, or any characteristic protected by law.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits Automation CISSP Clearance Compliance Computer Science CSOC EDR GIAC Incident response IT infrastructure Linux Scripting SIEM SOAR SOC Splunk Threat detection Vulnerabilities
Perks/benefits: Career development Health care Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs