Position Summary:

• Perform system administration and upkeep of the CDS lab systems (approximately 2 dozen RHEL 7 and 8 servers and workstations). Assist with their use for troubleshooting operational CDS issues and prior testing of CDS system changes and patch installations. Tasks to sustain cybersecurity compliance of the CDS lab systems in support of the CDS lab RMF accreditation activities. Included are tasks to install, secure, validate, and provide lifecycle support to ensure cybersecurity compliance of custom data transfer scrips on RHEL servers and to analyze, recommend and implement configuration automation, log analysis, and reporting solution(s) across technologies. All work will be performed according to the Defense Information Systems Agency (DISA), Security Technical Implementation Guides (STIG), Department of Defense (DoD), and Organizational (Department of Navy (DoN) and COMNAVMETOCCOM) cybersecurity directives. Additional tasking includes creating or updating cybersecurity documentation (such as installation and configuration manuals), evaluating and remediating cybersecurity vulnerabilities, troubleshooting system issues, evaluating and implementing real-time server monitoring and implementing other force multipliers for cybersecurity sustainment.

Job Responsibilities:

• Configuration and Security of RHEL 7.X and 8.X Servers:
  • Assist with implementation and configuration of RHEL servers in the CDS lab, to include physical installation of server hardware and cabling
  • Implementation of cyber security requirements due to CTO, directives or DISA STIG updates
  • Installation of RHEL patches and import of patches into the disconnected CDS lab
  • Create and/or modify scripts and documentation
  • Sustainment of automated cybersecurity compliance evaluation scripts for RHEL 7.X and 8.X servers
  • Sustainment of installation and configuration scripts
  • Integration with onsite automation tools in order to quickly analyze software and produce STIG checklists quarterly
• Configuration and troubleshooting operation of Perl data movement scripts:
  • Assist with configuration of data movement scripts and, troubleshooting data movement issues
  • Support version control of script configuration changes within the CDS lab repository
  • Implementation of cyber security requirements or changes needed to be compatible with new RHEL versions
  • Create and/or modify script documentation
• Evaluation of custom scripts and configurations for issues and implement resolutions to issues found:
  • Maintain a baseline of script operation
  • Evaluate operation of scripts for deviation from expected norms
  • Work with CDS team to implement solutions for script and CDS test environments
  • Assist with development and implementation of script issue resolutions to include code changes to the Perl and BASH scripts
  • Support version control of script changes within the CDS lab repository
  • Implementation of cyber security requirements or changes needed to be compatible with new RHEL versions
  • Create and/or modify script documentation
  • Sustainment of RPMs for deployment of scripts and script configurations
• DISA STIG Compliance Automation for RHEL via Kickstarts and Infrastructure as Code:
  • Analyze, recommend, and implement improvements to CDS lab management techniques using available management tools within the CDS lab environment including but not limited to:
    • RHEL Kickstart disks
    • Ansible
  • Sustain STIG Required Log Analysis and Usage Metrics Solution
    • Provide sustainment assistance of log auditing solutions for log file analysis that meets DISA STIG requirements across the technologies installed in the CDS lab.
    • Author dashboards or other reports for log auditing
    • Research CDS lab technologies to ensure the correct information is being gathered and presented and that technologies are configured to log the information for analysis
    • Modify and maintain capabilities to move log files and perform log auditing to meet DISA STIG requirements, as needed
    • Present graphic dashboard designs to COMNAVMETOCCOM and alter design per feedback received
    • Develop test plans and design documents for both log analysis and use metrics implementation
    • Install, Configure and Secure Log Auditing Software, such as Splunk or Elastic Stack in the CDS lab environment
    • Provide a Configuration Guide to the government that includes installation details, network interfaces and all custom configuration details necessary for sustainment
    • Provide periodic demonstrations to the government on tool capabilities, dashboard deployment and configuration, user management and other functionalities necessary for sustainment, along with fully documented configuration, security and implementation details
  • System Administration and Cybersecurity Analysis and Documentation. Acceptable formats are listed below in the "Deliverables" table.
    • A STIG analysis and checklist, fully documented, with interpretation of STIG items and status and "Finding Details" enumerated for each check. If delivery includes an item where only certain STIG items are applicable, only those STIG items need to be analyzed and addressed.
    • A system administration guide with details on the scripts, how they remediate each STIG item, and step-by-step directions on manual implementation details for those STIG items that must be implemented manually (i.e., those items that cannot be scripted).
    • Creation of new and/or modification of existing documentation, particularly configuration documents, system administration guides, DISA STIG checklists and SOPs
    • Provide implementation assistance to the government if deliverables do not execute, as delivered, on government servers until the deliverables execute successfully (with no error) and function correctly (satisfy the requirement with no defects).
    • Assist with evaluating and documenting cybersecurity compliance of RHEL 7 and 8 servers and workstations.

Requirements:

• BS in Computer Science or CompTIA Security+ Certification
• Training in Red Hat Enterprise Linux 7 or 8
• Active Secret Clearance and T5 Investigation

Desired Experience Working With:

• Red Hat Operating System Administration
• BASH shell Scripts and RHEL systemd configuration of Apache Web Server
• RHEL RPM package creation
• OpenShift, Ansible, Puppet or similar tools
• DISA Security Technical Implementation Guidelines (STIGs)
• Perl, Python, and C Programming

Travel Requirements:

• Mainly in at Stennis Space Center with some travel to Monterey, CA and Norfolk, VA