Overview Cybersecurity Engineer Be the Difference Astrion offers comprehensive services that boost preparedness, optimize performance, and ensure success across various domains, from Cyber to Digital, Mission and Systems, servicing our nation's Civilian, Defense and Space communities. We support customers with Centers of Excellence in Washington DC, Huntsville, AL and Burlington, MA with an additional 36 locations across the U.S. Astrion has an exciting opportunity for a Cybersecurity Engineer to support the Kessel Run Division, which is within the USAF Digital Directorate, and located at Hanscom AFB, MA. This role will focus on cybersecurity with network security/firewall/AWS cloud security. The hired candidate will have a solid understanding of the modern cyber security landscape with a strong background in network security, cyber-attacks, data loss prevention, and DoD and AF information technology standards and practices. WORK LOCATION: Hanscom AFB, MA (Must be onsite at Hanscom AFB 3-5 days per mission requirements) WORK STATUS: Full-time; salaried; Hybrid Responsibilities: Experience with SEIM technologies and best practices, and experience implementing a more robust advanced security data analytics capability. Lead comprehensive network security assessments and risk analyses, proposing robust enhancements to the security infrastructure for KR. Stay ahead of cyber security developments, recommend cutting-edge security solutions, and manage the integration of these technologies into existing network platforms. Develop and implement network security policies, ensuring alignment with legal and organizational standards, and conduct regular system audits to identify and mitigate vulnerabilities. Participating in network and systems design to ensure implementation of appropriate systems security policies align with KR Policies. Apply advanced consulting skills and/or extensive technical expertise; full industry knowledge of cybersecurity engineering, cyber forensics, network security tools and technologies, cybersecurity policy, procedures, and workforce structure to design, develop, and implement recommendations for a secure enclave environment, and best practices. Investigate, monitor, and troubleshoot firewall-related issues including performance and connectivity problems and security logs to identify and respond to potential threats and vulnerabilities, conducting routine PAN OS checks for monitoring and analysis. Maintain detailed and accurate documentation of firewall configurations, changes, and network diagrams. Participate in security incident response activities, including the investigation, documentation, and remediation of security incidents, for incident response. Continuously monitor network traffic and firewall logs to detect and respond to security incidents. Direct prompt investigation and resolution of security incidents and breaches, maintaining meticulous documentation and stakeholder communication. Review Information Assurance Vulnerability Alerts/Bulletins (IAVA/B) related to Palo Alto products and develop and implement remediation plans. Identify opportunities for leveraging cloud technologies to improve operational efficiency, scalability and cost-effectiveness with the migrations of the AOC WS 10.1 system to the AppTX platform. Experience with AWS monitoring and optimizing performance using CloudWatch. Monitor the KR AWS stack (applications, infrastructure, network, and services) and use alarms, logs, and events data to take automated actions and reduce mean time to resolution (MTTR). Utilizing CloudWatch, monitor applications, respond to performance changes, optimize resource usage, and provide insights into operational health of the KR stack. Publish log-based metrics, create alarms, and correlate logs and metrics together in CloudWatch Dashboards for complete operational visibility. Experience with AWS auditing, compliance monitoring and governance using CloudTrail. Configure the logging of management events, data events, and CloudTrail Insights events IAW KR Policy. Audit and monitor access control information about each action, including who made the request, the services used, the actions performed, parameters for the actions, and the response elements returned by the AWS service. Ensure API calls made to every resource in their AWS account are recorded and written to a log IAW KR policy. Qualifications: Citizenship: Must be a US citizen Clearance: Must have an active US security clearance Education: Bachelor's Degree in a related field and 12 years of experience, 5 of which must be in the DoD Possess a deep understanding of Internet based technologies (DNS, Security, IP Routing, SSH, SFTP, HTTP/HTTPS, etc.). Deep understanding of IP network technologies and software tools for performance monitoring and troubleshooting. (Especially layers 2 and 3). Apply knowledge of technical, analytical skills to ensure the confidentiality, integrity, and availability of all information systems assets and ensure compliance with company policies, procedures, contractual, and regulatory requirements. Knowledge of monitoring and managing network and host-based intrusion prevention systems actively in-line, Full Packet Capture (with analytics), Sandboxing, Data Loss prevention, malware prevention systems, vulnerability scanning solutions, DDOS protection, Security Event/Information Management, host-based integrity checking, end-point security and AV. Experience with architecture, design, and management of network security technologies and best practices. What We Offer Competitive salaries Continuing education assistance Professional development allotment Multiple healthcare benefits packages 401K with employer matching Paid time off (PTO) along with a federally recognized holiday schedule Who We Are At Astrion, we innovate, elevate, and shape the world of tomorrow. At our core is our purpose to “Be the Difference”. This means we encourage our employees to take action and be the driving force for positive change. We foster an environment where innovative solutions flourish and our company continuously evolves. We have a culture of care, empathy, and making a tangible difference within our organization and communities. We embrace continuous learning, growth, and innovation, and pushing the boundaries of what’s possible. We promote collaboration and empowering our teams is at the core of our success. Join Astrion and Be the Difference in your career and the world! Astrion is an Equal Employment Opportunity/Affirmative Action Employer. We provide equal employment opportunities to all employees and applicants for employment and prohibit discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training. #CJ #DICE EPASS HB #LI-ST1 EPASS HB #LI-ST1 Hanscom AFB # DICE #CJ