Job Listings


Here are our current job openings. Please click on the job title for more information, and apply from that page if you are interested.


Search Results Page 9 of 13

Sev1Tech is seeking an energetic individual as an Executive Administrative Assistant who is well organized, has strong communication skills (written and oral), and is willing to work on a military installation as a full-time employee in support of our Tactical Radios customer. A successful candidate will perform technical, specialized, complex and difficult office administrative work requiring the use of independent judgement. This position requires a candidate that is collaborative and present in their daily routine.

The Executive Administrative Assistant will be responsible for:
- Performing a wide variety of administrative services including, but not limited to: calendar management, answering phones, coordinating and maintaining documentation involving travel, meetings and conferences.
- Providing administrative support essential for the systems engineering and architecture development processes, including preparation, review, compliance monitoring, progress evaluation, schedule compliance, and technical assessments.
- Maintaining the property book and other related duties as assigned.
- Developing a variety of reports, monthly progress/status reports, memorandum creation and review IAW AR 25-50.
- Handling typical non-technical and technical office administrative tasks.
- Working with DTS and ATAAPS.
- Demonstrating the ability to type highly specialized technical reports rapidly and accurately.
- Being trained in, or familiar with, the operation of computer terminals and/or word processing center equipment, with experience in Microsoft Office (Word, Excel, PowerPoint, SharePoint, etc.).
- Monitoring and tracking obligations and expenditures for assigned contract tasks, schedules, ceilings, and reports.
- Resolving billing/invoice discrepancies.
ID
2024-7809
Location
US-MD-Aberdeen Proving Ground
Security Clearance
Secret
Join Sev1Tech and support PMW 240, PEO DIGITAL and My Navy HR in the modernization and advancement of the Navy’s manpower, personnel, training and education systems and the transformation of the Navy’s HR systems.

Must be experienced in providing DevSecOps implementation using Jenkins, GitLab, or similar tools. Experienced in developing, testing, and maintaining containerized applications. Working knowledge of source version control, build/release tools and methodologies, and CI/CD pipelines. Working knowledge of the software build process. Strong "security first" mindset.
ID
2024-7790
Location
US-VA-Woodbridge
Secondary Location
US-CA-San Diego
Security Clearance
Interim Secret
Sev1Tech is seeking a highly organized and detail-oriented Change Management Coordinator to join our team. In this role, you will be responsible for coordinating all aspects of change management, including the development of change management artifacts, coordination with customer governance bodies such as their Change Control Board (CCB), and configuration of change request management within ServiceNow. You will play a critical role in ensuring that changes to processes are implemented smoothly and efficiently.

Responsibilities include:
- Collaborate with stakeholders to understand and document change requirements, including impact analysis, risk assessment, and change scheduling.
- Develop and maintain change management artifacts such as change records, change plans, and change implementation schedules.
- Coordinate change approval meetings with Change Control Board (CCB), ensuring that all necessary documentation is available for review.
- Facilitate discussions and provide guidance during change approval meetings to ensure a thorough review of change requests, including consideration of potential impacts and risks.
- Assist in the identification and mitigation of potential risks and issues associated with changes.
- Work closely with cross-functional teams to ensure the timely and successful implementation of approved changes.
- Act as a stakeholder for the configuration and maintenance of change request management within ServiceNow, ensuring that the system supports efficient and effective change management processes.
- Monitor and report on the status of change requests, providing regular updates to stakeholders and leadership.
- Continuously improve change management processes and tools by identifying areas for enhancement and implementing best practices.
ID
2024-7787
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is seeking an experienced Quality Manager to support a large, mission-enabling nation-wide team providing network infrastructure, platform, system, application, and cybersecurity services for a federal customer. The Quality Manager will be part of a Program Management Office (PMO) and play a leading role for the delivery of high-quality contract services and products across multiple task orders/delivery orders.

Specific responsibilities include:
- Ensuring development and reporting on all quality and performance metrics
- Collecting and analyzing metrics from metrics analysts, project managers, and operations and engineering leads
- Reporting on SLAs
- Developing, maintaining, and monitoring implementation of a QASP
- Establishing, promulgating, and enforcing internal quality processes and procedures
- Analyzing quality data and suggesting improvement actions based on collected data
- Managing the log of quality reports and other quality documentation
- Ensuring that the program team deliverables comply with all requirements and meet documented customer needs
ID
2024-7786
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for a Quality Manager who would be responsible for ensuring development and reporting on all quality and performance metrics; collects and analyzes metrics from Architecture, Engineering and Integration, Operations, and Customer Success teams; reports on SLAs; monitors implementation of QASP; establishes, promulgates, and enforces internal quality processes and procedures; regularly analyzes quality data and suggests improvement actions based on collected data; manages the log of quality reports and other quality documentation; ensures that the program team deliverables comply with all requirements and meet documented customer needs.
ID
2024-7784
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

We're looking for an Information Assurance Specialist (Junior) to assist our customer in overseeing and supporting Information Security Control Assessments, Intrusion Defense Chain FISMA Metrics Tracking, and an Industry Cyber Hygiene Data Assessment Program.

The candidate will support Information System Security Control Assessments, including:
- Assisting in development and maintenance of an overall Security Assessment Schedule.
- Assisting in developing testing artifacts for each system including, as appropriate, Rules of Engagement, a technical assessment plan, Security Requirements Traceability Matrix, Security Assessment Report, and other necessary documentation.
- Assisting in scheduling and performing technical assessments of systems and applications to determine the severity of security control weaknesses.
- Supporting assessments through reviewing system security documentation, vulnerability scan results, audit logs, configuration guides, and any other additional material provided by the system and system stakeholders.
- Documenting results of assessments in the compliance tool utilizing a standard reporting format for recording assessment results and findings along with recommended mitigations.
- Updating and maintaining all testing templates and standard operating procedures.
- Collecting and storing all final materials and media.

The Information Assurance Specialist (Junior) will support Intrusion Defense Chain FISMA Metrics Tracking, including:
- Assisting in testing the ability to properly classify malicious logic investigations using the Intrusion Defense Chain (IDC) Framework
- Assisting in creation of example malicious logic and its dissemination to all DHS Components
- Assisting in tracking and reporting compliance and accuracy in classifying malicious logic using the IDC Framework
- Assisting in creation and maintenance of IDC Metrics for the annual Information Security Performance Plan

The Information Assurance Specialist (Junior) will support the customer’s Industry Cyber Hygiene Data Assessment Program, including:
- Assisting in establishment, documentation, and continual refinement of CONOPS and standard operating procedures documentation for the Cyber Hygiene Assessment (CHA) Team
- Assisting in development and maintenance of a management schedule for all CHA data analysis and assessment activities
- Assisting with coordination of CHA personnel to collect artifacts, define scope and establish governance functions for assessments and analysis of industry cyber hygiene data
- Assisting in establishment of performance metrics and process improvement criteria stemming from the results of industry cyber hygiene assessments and analysis
- Assisting in evaluation of results and providing recommendations in determination of industry cyber hygiene maturity
- Assisting in creation of both draft and final deliverable reports stemming from industry assessments and analysis for Federal CHA program personnel consumption and review
- Assisting in development, maintenance, and updating of any additional program documentation on an ongoing basis
ID
2024-7783
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

We're looking for an Information Assurance Specialist (Mid-Level) to assist our customer in overseeing and supporting Information Security Control Assessments, Intrusion Defense Chain FISMA Metrics Tracking, and an Industry Cyber Hygiene Data Assessment Program.

The Information Assurance Specialist (Mid-Level) will oversee Information System Security Control Assessments, including:
- Developing and maintaining an overall Security Assessment Schedule.
- Developing testing artifacts for each system including, as appropriate, Rules of Engagement, a technical assessment plan, Security Requirements Traceability Matrix, Security Assessment Report, and other necessary documentation.
- Scheduling and performing technical assessments of systems and applications to determine the severity of security control weaknesses.
- Executing assessments through reviewing system security documentation, vulnerability scan results, audit logs, configuration guides, and any other additional material provided by the system and system stakeholders.
- Documenting results of assessments in the compliance tool utilizing a standard reporting format for recording assessment results and findings along with recommended mitigations.
- Updating and maintaining all testing templates and standard operating procedures.
- Collecting and storing all final materials and media.

The Information Assurance Specialist (Mid-Level) will oversee Intrusion Defense Chain FISMA Metrics Tracking, including:
- Testing the ability to properly classify malicious logic investigations using the Intrusion Defense Chain (IDC) Framework
- Creating example malicious logic and disseminating it to all DHS Components
- Tracking and reporting compliance and accuracy in classifying malicious logic using the IDC Framework
- Creating and maintaining IDC Metrics for the annual Information Security Performance Plan

The candidate will ensure performance of the customer’s Industry Cyber Hygiene Data Assessment Program, including:
- Establishing, documenting, and continually refining CONOPS and standard operating procedures documentation for the Cyber Hygiene Assessment (CHA) Team
- Developing and maintaining a management schedule for all CHA data analysis and assessment activities
- Coordinating with CHA personnel to collect artifacts, define scope and establish governance functions for assessments and analysis of industry cyber hygiene data
- Establishing performance metrics and process improvement criteria stemming from the results of industry cyber hygiene assessments and analysis
- Evaluating results and providing recommendations in determination of industry cyber hygiene maturity
- Creating both draft and final deliverable reports stemming from industry assessments and analysis for Federal CHA program personnel consumption and review
- Developing, maintaining, and updating any additional program documentation on an ongoing basis
ID
2024-7782
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is seeking an experienced Deputy Program Manager to perform a leadership role on a large, mission-enabling nationwide team providing network infrastructure, platform, systems, application, and cybersecurity services for a federal customer. The work encompasses a wide range of tasks including but not limited to Program Management Organization (PMO) functions, Monitoring & Analysis, as well as Incident Response functions that include cybersecurity, Network Infrastructure (Tier 3), and Field Engineering Technical Services.

Responsibilities include but are not limited to:
- Perform Deputy Program Management functions including guidance and oversight to other managers
- Engage with senior customer leadership regarding program priorities, technical, and resource issues
- Assist in the establishment, staffing, and running of a Program Management Organization (PMO) providing the following types of services:
  - Knowledge Management
  - Doctrine, Policy, Planning, & SOP Development Support
  - Service Catalog, Relationship & Services Management Practices
  - Communications Support
  - Project Management Support
  - Continuous Service Improvement Program
  - Performance and Investment Metrics
  - Capability Test, Training, and Exercise Program
  - Data Call and Data Acquisition Support
  - Cybersecurity Services Provider Program Support
- Apprise the Senior Program Manager of both progress and risks
- Ensure timely high-quality products to senior level customers
- Ensure rapid response to ad hoc requests for information from customers
ID
2024-7777
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is seeking a Configuration, Change, and Release Manager with extensive knowledge and experience in configuration, change and release management to develop a consolidated approach to each of these important processes. The candidate will assess the current approach in the customer environment, propose a strategy and roadmap to consolidate into one program covering the full scope of NOSC/NCCS, and, based on customer approval, lead the transition to the approved strategy. The candidate will manage a core team responsible for implementing enhanced, standard processes within the overall governance structure of the customer.

For Configuration Management:
- Establish and maintain configuration management processes to track and control changes to software, hardware, and documentation
- Define and manage configuration items, ensuring accurate and up-to-date configuration baselines
- Conduct audits to verify compliance with configuration management policies

For Change Management:
- Develop and implement change management processes to ensure smooth transitions and minimize disruptions
- Evaluate and approve/reject change requests, considering potential impacts on systems and workflows
- Collaborate with stakeholders to communicate changes and manage expectations

For Release Management:
- Plan and coordinate releases, ensuring timely and efficient deployment
- Work closely with engineering and operations teams to schedule release activities
- Monitor release progress, address issues, and provide post-release support
ID
2024-7769
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for a Transition Manager to assist our customer in a major contract transition, consolidating two existing large contracts involving NOC, SOC, and Program Management services performed nationwide.

Responsibilities include but are not limited to:
- Develop a draft contract Transition Strategy and Plan
- Review the draft contract Transition Strategy and Plan with customers and make necessary modifications
- Plan and conduct Transition Kickoff Meeting
- Plan and oversee knowledge discovery and knowledge transfer sessions
- Conduct daily internal transition status meetings
- Conduct weekly transition status meetings with the outgoing contractors and the customer
- Ensure documentation and management of transition progress and risks
- In tandem with the Senior Program Manager and HR, plan and execute recruiting, hiring, and ramp up of contract staff
- In tandem with the Senior Program Manager, oversee and execute a contract orientation for staff
- Manage the transition schedule
- Submit Transition Status Reports
- Ensure preparedness for Operational Readiness Reviews
- Facilitate cutovers from outgoing contractors
ID
2024-7768
Location
US-DC Metro Area
Security Clearance
DHS Suitability
Sev1Tech is looking for a System and Tool Administration Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

Specifically, we're looking for a System/Tool Administration Lead to administer core tools that will be used for management and operations.

Responsibilities include but are not limited to:
- Implement, configure, maintain, and operate Government furnished network, cybersecurity, and systems management software applications, dashboard applications, and hardware appliances
- Develop, integrate, manage, and maintain monitoring tools and dashboards (e.g., system and application monitoring software, AWS Dashboards, Azure Dashboards)
- Provide recommendations regarding new tools and services that can be integrated into NOSC operations and regarding decommissioning of obsolete tools and services
- Conduct 24x7x365 cybersecurity, network, system, enclave, and cloud management monitoring and analysis operations, including Enterprise and NOSC dashboards
- Apply various anti-virus, intrusion detection, and vulnerability assessment tools, techniques, and procedures
- Provide support for configuration of Forensic and Log Management tools in support of identifying rogue and malicious software and suspicious and unapproved activities
- Assist in the administration of incident tracking tools and in training personnel in the use of those tools
- Maintain a cyber incident dashboard, update as incident status changes, and provide continuous management updates
- Support content development and updates to Enterprise NOSC dashboards
- Ensure that tool licenses and maintenance agreements are tracked and projections for license expirations are continuously maintained for a minimum of twelve (12) months into the future
- Assist the Government in generating communications to applicable stakeholders regarding cyber risk management, developing, and managing a holistic risk management dashboard to provide senior management a near real-time visual representation of cyber risks
- Support troubleshooting network problems by providing technical support associated with new or revised hardware or software installations
- Support coordination of new Homeland Security Enterprise Network (HSEN) connections including direct links with other agencies
ID
2024-7767
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for a Cloud Operations Analyst to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks including but not limited to: Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; Field Engineering technical support; and Cloud operations.

Specifically, we’re seeking a Cloud Operations Analyst to provide Cloud, Platform, and System Operations Services to the Department of Homeland Security (DHS).

Responsibilities include but are not limited to:
- Manage, optimize, and troubleshoot issues for DHS’s cloud compute, storage, and application hosting platforms, and for all other platforms, systems, and applications that comprise the HSEN, including troubleshooting of connectivity, latency, degraded performance, or unavailability issues
- Monitor and analyze cloud computing statistics and systems using CSP statistical feeds (e.g., Amazon Web Services; Microsoft Azure) and monitoring tool alert captures (e.g., Dynatrace) to determine possible points of failure; work with the IT Operations Cloud Computing Tier 2 Team, OCIO Solution Development Directorate (SDD) Cloud Tier 3 Teams, and other stakeholders; and recommend modifications to cloud-based environments and configurations to avoid or remediate unscheduled outages
- Conduct real-time (when possible, based on tools) monitoring and triaging of security alerts from SIEM, System, Network Appliance (Firewalls, IDS, etc.), Cloud Service (AWS, Azure, IBM, etc.), email (Microsoft Office 365), and Endpoint (including Endpoint Detection and Response Solutions (EDR)) systems
- Monitor voice (phone) and electronic (email) and other sources designated by the Government for notification of network and cloud incidents, outages, and service degradations involving network services, CSP environments, Mission Essential Systems (MES) hosted in data centers and cloud environments, or DHS Component entities
ID
2024-7766
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for a Vulnerability Analyst/PenTester Lead to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS.

Responsibilities include but are not limited to:
- Conduct Vulnerability Assessment scans for Headquarters and Subscriber systems and networks to identify potential computer security vulnerabilities, risks, and threats
- Operate and maintain assessments and the resulting Vulnerability Assessment data and reports
- Support the NOSC enclave, HSEN, and Redundant TICs through the conduct of scheduled and ad-hoc vulnerability assessment scanning
- Scanning shall include:
  - Host-based and vulnerability assessments
  - Network vulnerability assessments
  - Database vulnerability assessments
  - Web-based vulnerability assessments
  - Cloud-based vulnerability assessments
- Employ ad-hoc or emergency vulnerability scanning to support targeted incident investigation, escalation, and emergency response to security events in accordance with documented procedures
- Coordinate with Component security staff to explain findings, provide recommendations on mitigations, and advocate for mitigation of vulnerabilities
- Conduct High Value Asset assessments and penetration tests and conduct or assist with penetration tests as requested by Components, System Owners, Information System Security Managers, or Information System Security Officers in support of Security Controls Assessments, continuous monitoring, and FISMA requirements
- Provide penetration testing summary reports, in accordance with the signed Rules of Engagement (ROE) document, to the appropriate System Owner/ISSM/ISSO, Government lead, DHS Program Manager and document the findings
- Prepare and submit security testing Rules of Engagement (ROE) for High Value Assets (HVA), Internal & External Threat Assessments, prior to conducting penetration testing and ensure that the ROE provide the operational security controls to protect both the system and network
ID
2024-7765
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is seeking a Senior Knowledge Management Specialist to provide knowledge management and process improvement expertise. The successful candidate will be responsible for coordinating the knowledge management program, including developing and implementing knowledge management processes and procedures, and providing guidance and training to personnel.

Responsibilities include but are not limited to:
- Spearheading an assessment of existing customer Knowledge Management practices and the as-is environment
- Knowledge Organization and Classification: Define and implement knowledge taxonomy/ontology and meta-data tagging systems to organize and categorize knowledge assets
- Ensure consistency and accuracy in knowledge classification
- Analyze knowledge management solutions and aid in the selection of the best software solution
- Implement efficient search and retrieval mechanisms to access knowledge
- Lead discovery of current knowledge artifacts, systems, and architecture
- Develop and implement knowledge-sharing platforms, communities of practice, and training programs
- Knowledge Strategy Development: Develop a comprehensive knowledge management strategy aligned with the organization's goals and objectives
- Knowledge Capture and Creation: Work with subject matter experts to identify, capture, and document tacit and explicit knowledge
- Facilitate knowledge creation through workshops, interviews, and collaboration platforms
- Knowledge Storage and Retrieval: Establish and maintain a centralized repository for knowledge assets, including documents, databases, and multimedia content
- Knowledge Dissemination and Sharing: Promote a culture of knowledge sharing and collaboration within the organization
- Knowledge Performance Metrics: Define Key Performance Indicators (KPIs) and generate reports to measure the effectiveness of knowledge management initiatives
ID
2024-7764
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is seeking a Tier 3 level Field Engineering Technician who will be regionally located throughout the Continental United States (CONUS) to provide IT support requiring hands-on intervention at DHS facilities and sites lacking local IT support.

Responsibilities include but are not limited to:
- Deploy to Department of Homeland Security (DHS) facilities requiring IT technical support services
- Determine the nature of a service outage at a location and initiate response activity to restore service
- Assess whether an outage is the result of a commercial circuit failure or if it is due to some internal failure at a facility
- Identify failed network or system components and either restore the failed components to an operational status or replace the components as required
- Coordinate trouble-shooting with other Tier 3 engineers as needed
- Coordinate with product vendors as needed, communicating issues needing priority vendor attention and support
- Escalate issues to program leadership as needed
- In performing the above responsibilities, coordinate closely with the customer, team leads, contract managers, and vendors as necessary
ID
2024-7763
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is seeking a Tier 2 level Field Engineering Technician who will be regionally located throughout the Continental United States (CONUS) to provide IT support requiring hands-on intervention at DHS facilities and sites lacking local IT support.

Responsibilities include but are not limited to:
- Deploy to Department of Homeland Security (DHS) facilities requiring IT technical support services
- Determine the nature of a service outage at a location and initiate response activity to restore service
- Assess whether an outage is the result of a commercial circuit failure or if it is due to some internal failure at a facility
- Identify failed network or system components and either restore the failed components to an operational status or replace the components as required
- Escalate issues requiring additional, higher-level field engineering support (Tier 3)
- In performing the above responsibilities, coordinate closely with the customer, team leads, contract managers, and vendors as necessary
- Collaborate with customer/company and colleagues, and other resources to gain a better understanding of the issue(s) to be resolved
- Effectively manage time to respond to service calls in a timely fashion
- Complete intermediate installations and perform system test procedures
- Troubleshoot and resolve issues that cannot be solved remotely
- Perform smaller scale moves, adds, or changes of clients' equipment as needed
- Prepare for on-site installations by reviewing site requirements
- Obtain software and review relevant documentation prior to visiting customer sites
- Stage the installation and upgrades in a lab environment prior to the site visit when necessary
- Perform implementation of software and hardware solutions, integrating with the customer's network and equipment
- Troubleshoot and resolve technical issues as they occur
- Provide basic system administration training to technical users
ID
2024-7762
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The program will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. Sev1Tech seeks a Lead Content Developer/Cyber Threat Detection Developer, utilizing Splunk Enterprise Services or other SIEM tools to proactively research and then apply custom detection capabilities from disparate data sources such as: cyber threat intelligence, vulnerability data, campaign and indicators of compromise. These threat detection data types will be used to develop custom security, engineering, and/or applicable dashboards; validate existing and/or create new correlation rules and alerts, as well as validate the index sources of the SIEM to ensure a thorough defense in depth for the enterprise.
Responsibilities include but are not limited to: - Analyze data feeds and event logs - Correlate the results with known threats, vulnerabilities, and incidents - Create new security content and updates to Enterprise NOSC dashboards - Develop, disseminate, and implement new security content such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Data Loss Prevention (DLP) correlation rules and cyber threat indicators - Participate in briefings to provide expert guidance on new threats and act as an escalation point for cyber analysts and engineering leads - Author reports and/or interface with customers for ad-hoc requests - Participate in discussions to make recommendations on improving NOSC cyber visibility, process improvements, and reducing the incident remediation period - Investigate and analyze all logs available within the SIEM, document workflows, and identify process improvements in the handling and remediation of cyber security events - Leverage deep understanding of how to develop custom content within the Splunk SIEM using advanced SPL language and data models or other network security tools to detect threats and attacks - Capture use cases from subscribers or other team members to develop custom correlation rule(s), validate and/or create new dashboard(s) and validate all index sources for applicability within the Splunk environment - Utilize knowledge of latest cyber threats and attack vectors to develop and/or maintain custom Splunk correlation rules from all indexed sources to support continuous event monitoring and alerting - Develop, manage, and maintain Splunk data models - Review all existing network event sources to determine if relevant data is present and make technical recommendations to remediate any missing log components - Review and/or suggest new log and event index types as new devices are brought into the enterprise network - Develop custom regex to create custom knowledge objects - Develop custom SPL using macros, lookups, etc., and network security signatures such as SNORT, YARA and Zeek - Develop custom dashboards and reports for customer stakeholders - Train and mentor junior staff
ID
2024-7761
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for a Forensics/Malware Analyst SME to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. We're looking for a Forensics/Malware Analyst SME to conduct malware investigations and operations. Candidates will apply their technical and professional skill sets to examine malware from various sources and perform appropriate analysis to improve cyber incident responses. Responsibilities include but are not limited to: - Conduct malware investigations and operations - Examine submitted malware from cyber incident reporting and other sources - Perform forensic analysis of digital information and gather methods, indicators of compromise (IOC), evidence of Advanced Persistent Threat (APT) threat actors, trends, and mitigations - Leverage scanning tools (i.e., VirusTotal) to conduct suspicious file scanning; performing queries, pivoting on indicators, and malware analysis on characteristics (Message-Digest Algorithm 5 (MD5), Secure Hash Algorithm 1 (SHA1), file size, file name, file paths, etc.) - Use forensically sound procedures to identify network computer intrusion evidence and identify perpetrators - Contribute to cyber incident responses and other DoD Defense Industrial Base Collaborative Information Sharing Environment (DCISE) products - Contribute to the general knowledge base of intelligence used to develop or enhance tools - Provide guidance and direction to junior analysts
ID
2024-7760
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for a Cyber Threat Hunter to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks across Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; and Field Engineering technical support. Work will be executed in the National Capital Region, in Stennis, Mississippi; Chandler, Arizona; and other locations in the U.S. and occasionally OCONUS. The Department of Homeland Security (DHS), Network Operations Security Center (NOSC) Cyber is a US Government program responsible for preventing, identifying, containing and eradicating cyber threats to DHS networks through monitoring, intrusion detection and protective security services to DHS information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations. The NOSC Cyber is responsible for the overall security of DHS Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed security violations. Sev1Tech seeks a Cyber Threat Hunter to join our NOSC Cyber Team. The ideal Cyber Threat Hunter is someone who is process driven, curious, and enjoys identifying patterns and anomalies in data that are not immediately obvious.
Responsibilities include but are not limited to: - Manage all aspects of the Cyber-Threat Hunt lifecycle, including creation and improvement of enterprise-specific Threat Models and threat hypotheses, plan and scope Threat Hunt campaigns, missions, and activities against a variety of threat types and identify enterprise defense gaps and propose potential mitigation activities - Perform Cyber-Threat Hunt missions by identifying and investigating patterns and anomalies in data, suspicious network activities, including access from Outside the Continental United States (OCONUS) or utilization of non-standard credentials, anomalous or suspicious telemetry, and other Cyber Threat Intelligence - Proactively search networks to detect and isolate advanced cybersecurity threats that evade in-place security solutions - Regularly perform advanced analysis and adversary hunting activities to proactively uncover evidence of adversary presence on DHS networks - Follow incident response procedures for detected insider threat activity - Create Threat Models to better understand the DHS IT Enterprise, identify defensive gaps, and prioritize mitigations - Author, update, and maintain SOPs, playbooks, work instructions - Utilize Threat Intelligence and Threat Models to create threat hypotheses - Plan and scope Threat Hunt Missions to verify threat hypotheses - Proactively and iteratively search through systems and networks to detect advanced threats - Analyze host, network, and application logs in addition to malware and code - Prepare and report risk analysis and threat findings to appropriate stakeholders - Create, recommend, and assist with development of new security content as the result of hunt missions to include signatures, alerts, workflows, and automation - Coordinate with different teams to improve threat detection, response, and improve overall security posture of the Enterprise
ID
2024-7759
Location
US-DC Metro Area
Security Clearance
Public Trust
Sev1Tech is looking for the right candidate to play a role on a very large program involving network, cybersecurity, and cloud operations and engineering support services to a government customer with a significant mission for security and public safety. The contract will encompass a wide range of tasks including but not limited to: Program Management; Monitoring, Analysis and Incident Response; Tier 3 Engineering and O&M; Field Engineering technical support; and Cloud operations. Specifically, we're seeking a Tier 2 NOSC Engineer to perform the following responsibilities: - Leverage industry experience to provide operational support to maintain overall health and performance of enterprise network components, to include LAN, WAN, firewalls, VPNs, and other network platforms - Monitoring of network performance dashboards to proactively detect potential network degradation events and outages - Investigate and diagnose incidents to restore network services as quickly as possible, ensuring all incident details and restoration steps are thoroughly documented in the ServiceNow ticketing platform - Lead root cause analysis efforts and draft After Action Reports as requested - Implementation of approved network enhancements, firewall and white-listing requests, and other network updates in accordance with the Change Management process - Routinely collaborate with Government Leads, Watch Officers, and other Operational Teams in the communication and investigation of high priority troubleshooting efforts using the appropriate escalation procedures - Installation and support for remote access platforms such as VPN, Terminal Services, and Citrix - Work with vendor engineering teams in the investigation of complex hardware and software issues and initiate RMAs for failed hardware components as necessary - Provide guidance and assist in the development of junior NOC engineers with over-the-shoulder training and the creation of knowledge articles - Perform all tasks in accordance with established team Service Level Agreements (SLAs) and Standard Operating Procedures (SOPs)
ID
2024-7758
Location
US-DC Metro Area
Security Clearance
Public Trust
