NorthHill Technology Resources has an immediate opening for a full-time role on a Department of State contract. We are looking for a RHEL SME with 12+ year of experience - must have an Active Secret Clearance.
The selected Red Hat Linux SME responsibilities will include:
- Maintain, update, and secure existing Red Hat Linux systems in VMs and in the Cloud as well as manage an existing Elasticsearch clusters in support of Cyber investigations and operations.
- Responsible for optimizing the Elasticsearch stack and Linux systems to ensure optimum performance with minimal downtime.
- Support hardening of OS, maintain user access, and support secure communication across the Linux systems.
- Perform YUM updates and be aware and communicate critical vulnerabilities and determine impact of the updates to the functionality of the Elasticsearch stack applications.
- Update YAML file for configuration of applications.
- Improve existing processes and for surge support for various initiatives in areas related to their area of expertise.
- BS in Information Technology or related field
- 12+ years experience of Red Hat Linux administration, including system design, configuration, maintenance, upgrade and administration, extensive experience working with Red Hat Enterprise Linux 6.X or 7.X, and CENTOS with a strong command-line interface (CLI) skillset
- Experience with Linux security, SSL/TLS, certificates, encryption, key stores, firewalls, management of PAM authentication, configuring system auditing and configuring SELinux.
- Experience with Open Shift, CEPH, Cloudforms and vRealize Automation
- Experience securing Linux systems, including conducting regular patches and updates and configuring ip-tables.
- Experience/knowledge of virtualization (VMWare, RHEL, etc.)
- Experience in the installation, configuration, and maintenance of both open source licensed and Commercial-off-the-Shelf software tools.
- Demonstrated success in automating server builds, standardizing images, and managing Linux systems via central management tools such as Satellite, Ansible, or Puppet, etc.
- Familiarity with at least one common scripting language such as Python, Perl, bash, curl commands, etc.
- Ability to understand, identify, and work with containerization features (Docker, OpenShift).
- Experience with AWS Cloud, Azure Cloud, or Cloud implementations and environments
- Extensive knowledge and experience with information security standards, policies and practices – NIST SP 800-53 rev4, SP 800-37 rev2, FIPS-199, DHS 4300A. Use OpenSCAP and other tools to audit security policy compliance
- Strong understanding of infrastructure technologies and functionalities (e.g., firewalls, Windows/Linux servers, Active Directory (AD), Splunk, Solarwinds, CyberArk, etc.)
- Excellent user interface / interpersonal / written and verbal communication skills
- The ability to operate in a team environment consisting of both internal and external members, co-workers and customers and attend and discuss tasks in daily agile sprint meetings
- Experience with handling files, directories, and command-line environments
- Experience with operating systems, including booting into different run levels, identifying processes, starting and stopping virtual machines, and controlling services
- Experience with configuring local storage using partitions and logical volumes
- Experience with file systems and file system attributes, such as permissions, encryption, access control lists, and network file systems
- Ability to deploy, configure, and maintain systems, including software installation, update, and core services
- Must have excellent verbal and written communication skills as this position will interact with peers and customers
- FedRAMP experience a plus
- Experience with DHS Continuous Diagnostics and Mitigation (CDM) a plus
- Experience building and maintaining Elasticsearch 5.X, 6.X, and/or 7.X solutions
- Experience optimizing Elasticsearch data structures to support structured and unstructured data.
- Familiarity with the DIACAP and/or RMF accreditation processes, specifically with configuring
- Linux systems in compliance with the Security Technical Implementation Guides (STIGs).
- Familiarity with Security guidelines such as STIG and CIS Bind DNS PXE Booting RHEL IdM PureStorage Flash Array Dell Equal logic PS & FS series
- Experience with maintaining a secure, standard OS build process.