
Inferno Systems
Operational Systems Engineer: Full Performance Level
Location: Chantilly, VA US
Security Clearance Requirement: TS/SCI with Full Scope Polygraph
Clearance Status: Must be Current
JOB SUMMARY:
Inferno Systems is searching for Operational Systems Engineers to work on our blue team
to manage the ingestion, parsing, processing and storage of data sets. You will work with a
team of threat hunters as they use the data you maintain to identify and disrupt attempts by
APT actors to attack and compromise operational infrastructure. You will assist with
analyzing large amounts of network data and make recommendations based on your
analysis. This unique opportunity allows you to experience both sides of CNE activity,
expand both your offensive and defensive skills, and think like the attacker to
improve operational success. You must like solving complex challenges, developing threat
detection processes based on analytic findings and researching the latest cyber security
solutions in a rapidly changing environment.
The blue team is responsible for identifying network intrusions using commercial IDS and
host-based logs, network traffic flows and other unique data sets. You will use your Linux,
Python and/or Bash scripting and data processing skills to help uncover possible intrusions,
identify areas to harden network defenses and inform network defenders from different
groups of their results. You can also assist the red team Penetration Testers to better hone
their operational security, evade detection and find new ways to penetrate and pivot through
target networks.
REQUIRED SKILLS:
• Experience in ETL (Extract, Transform, Load) and/or data engineering and ingestion
pipelines.
• Experience using scripting languages for automation, parsing data sets, and data
visualization/analytics (e.g., Python, Perl).
• Experience maintaining the health of data in a storage cluster.
• Able to assimilate and evaluate large amounts of data from multiple sources and operations,
and to combine those data sets into enriched data sets to derive new findings.
• Ability to work as a part of a team to support rapidly changing requirements in an
operational environment.
• Proven ability to communicate technical requirements to development teams and
represent stakeholder equities through ongoing relationships.
• Knowledge of IT defensive best practices.
• Ability to pay attention to details, ensuring accuracy in documentation and data.
DESIRED SKILLS:
• Experience with Hadoop, Apache Spark, Solr, Elasticsearch and/or Cloudera.
• Knowledge of stand-alone automated configuration management systems (e.g., Chef
Solo, Ansible, Kickstart).
• Proficient in data exploitation and data analysis, including PCAP and NetFlow.
• Proficient in analyzing log files from web hosting services and other technical
infrastructure.
• Ability to perform security analysis of large network devices and systems.
• Familiarity with methodologies, including an understanding of web application protocols/flaws,
redirection of network traffic, and web browser vulnerability techniques.
• Ability to articulate technical information to non-technical audiences.
• Strong analytical and critical thinking skills, ability to think strategically.
• Ability to express complex ideas and insights verbally and in writing to a variety of
audiences.
• Understanding of intrusion set TTPs and the ability to apply that knowledge to future analysis.
• Strong understanding of computer networks, protocols and technologies, particularly at
layers 3 and 4.
• Experience in structured data analysis or other data analysis methodologies.
To apply for this job please visit www.clearancejobs.com.