Job Description

Pueo is known for bringing the best talent and unique tools to every opportunity. Pueo's Parliament (aka workforce) is composed of professionals who are seeking the opportunity to work in a business organization that thrives on career development and independence. In support of mission and professional growth, our Parliament has supported the development of multiple patents, proprietary tools, and applications as well as trademarked processes.

Our organization emphasizes career development across multiple career environments (at the members own pace) and ensures those who contribute broadly are properly rewarded. Pueo has four career environments where every member of the parliament can participate. Each environment has opportunities available for all levels. Opportunities are framed by an employee's desires and capabilities, and we ensure challenges, growth, and unique experiences are available for employees at all levels.

Our Career Environments (Program, Functional, Service, and Leadership) provide numerous opportunities for employees to invest in their personal growth and those things that offer fulfillment. We invest in helping our members create and execute their career development plans. Our Pods (small teams of 5 or less) are comprised of personnel with similar skillsets to ensure mentorship, understanding, and peer support.

Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). Conduct thorough technical assessments of UNIX-based systems (e.g., Solaris, AIX, Linux variants) for compliance with Intelligence Community Directives (ICDs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 Rev 5 and 800-171 controls.

GENERAL DUTIES:

• Perform manual audits of UNIX configurations, user access controls, file system permissions, patch management, and security logging.
• Analyze vulnerabilities related to UNIX systems and recommend mitigation strategies aligned with JCIP and IC security policies.
• Interpret and apply complex STIG requirements specific to UNIX environments.
• Collaborate with system administrators, security teams, and leadership to present findings and provide actionable security recommendations.
• Lead and mentor Level 1 UNIX inspectors, providing guidance on technical evaluations and inspection reporting.
• Stay updated on emerging UNIX threats, patches, and best practices for system hardening.
• Participate in inspection planning, execution, and reporting.
• Travel as required to support onsite inspections. (8-12 weeks of travel avg, some international and passport required).

REQUIRED QUALIFICATIONS:

• Possess a master's degree, with 8+ years of total experience/equivalent certifications. Master's degree may be substituted with a bachelor's degree and 5+ years of additional experience/equivalent certifications, for a total of 13+ years.
• Knowledge:
  • Deep understanding of UNIX operating systems including Solaris, AIX, and major Linux distributions (Red Hat, CentOS, Ubuntu).
  • Expertise in system hardening, patch management, user and group management, file permissions, and security auditing.
  • Proficient in interpreting UNIX-specific STIGs and aligning findings with NIST 800-53/800-171 controls.
  • Familiarity with shell scripting for automation of audit and remediation tasks.
• Skills:
  • Strong hands-on experience performing manual UNIX system security audits.
  • Ability to analyze system logs, identify anomalies, and assess system security posture.
  • Effective verbal and written communication skills for technical briefings and reporting.
  • Leadership and mentoring capabilities for guiding junior inspectors.
• Abilities:
  • Independently lead UNIX inspections with minimal supervision.
  • Provide expert recommendations for system configuration and architecture improvements.
  • Manage inspection schedules and deliverables effectively.
  • Adapt inspection techniques to diverse UNIX environments and organizational policies.
• Certifications:
  • Obtain an IAT-III or Maintain IAT Level III Certification in compliance with DoD 8570.01-M and DoD Directive 8140 Cyberspace Workforce Management.
  • CASP+ CE
  • CCNP Security
  • CISA
  • CISSP (or Associate)
  • GCED
  • GCIH
  • CCSP

CLEARANCE:

• Top Secret minimum

Pueo is an equal employment opportunity employer and affirmative action employer. All interested individuals will receive consideration and will not be discriminated against on the basis of race, color, religion, sex, national origin, disability, age, sexual orientation, gender identity, genetic information, or protected veteran status. Pueo takes affirmative action in support of its policy to advance diversity and inclusion of individuals who are minorities, women, protected veterans, and individuals with disabilities.