SITEC - Security Systems Administrator - MacDill AFB

Enterprise Contract (SITEC) - 3 EOM. This position is located at MacDill AFB in Florida.

The purpose of the Special Operations Forces Information Technology Enterprise Contract (SITEC) 3 Enterprise Operations and Maintenance (EOM) Task Order (TO) is to provide USSOCOM, its Component Commands, its Theater Special Operations Commands (TSOCs), and its deployed forces with Operations and Maintenance (O&M) services to maintain Network Operations (NetOps) to include performing Defensive Cyber Operations (DCO) services, and supporting the Cybersecurity Service Provider (CSSP) to protect, monitor, analyze, detect, and respond to cyber incidents.

Security Systems Administrators develop, implement, and drive continuous improvement of threat detection capabilities and engineering solutions throughout the USSOCOM enterprise.

Lead internal and external Purple Team engagements to validate continuous hardening of SOCOM networks and enable successful detection and response during real-world cybersecurity incidents and Red Team assessments.
• Lead integration of data from multiple security tools to detect complex, multi-step attacks with high accuracy.
• Explore and implement security technologies and methodologies to modernize security infrastructure and processes.
• Work with the Active Cyber Defense team to design and execute realistic attack simulations that test the effectiveness of current detections.
• Regularly update the Sysmon configuration used for endpoint monitoring to reflect evolving threat landscapes, ensuring coverage of new event types and attack techniques aligned with MITRE ATT&CK.
• Tune and optimize threat detection rules to minimize false positives and ensure accurate detection.
• Create and maintain comprehensive documentation of threat detection rules, processes, and technologies.

Qualifications:

• 5 years with BS/BA, 3 years with MS/MA, 7 Years with AS/AA or 9 years with HS

• A DoD TS/SCI clearance is required
• DoDD 8570.01-M IAT II

Desired Qualifications:

• GIAC Certified Incident Handler Certification (GCIH)
• CompTIA Advanced Security Practitioner (CASP+/SecurityX)
• Ability to communicate security issues clearly to both technical and non-technical stakeholders
• Strong understanding of security technologies used to defend Enterprise networks such as EDR, XDR, IDS, IPS, SIEM and SOAR.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.