Physical Security System Administrator - SOUTHCOM J2

Celestar Corporation is seeking a Physical Security System Administrator to support USSOUTHCOM J2 Physical Security Services The primary place of performance will be in Doral, FL. If interested and meet the qualifications, we encourage you to apply for this rewarding and impactful opportunity.

ANTICIPATED AWARD: July 2026
ANTICIPATED START: July 2026
PERIOD OF PERFORMANCE: 1 Base Year + 4 Option Years
LOCATION: Doral, Florida

CLEARANCE REQUIREMENT: Active TS/SCI (within 5 years)

About Us:

Celestar, a B&A Company, offers highly competitive salaries and benefits. Our comprehensive benefits package includes company-paid employee and family dental insurance, employee health insurance, life insurance, and disability coverage. Additionally, we provide a 401(k)-retirement plan with company matching, paid holidays, and personal time off.

Responsibilities include, but are not limited to:

• Operate the LENEL system and perform system administrator functions.
• Provide IT Tier 2 Service - A more in-depth technical service level than Tier I, and the technicians are more experienced and knowledgeable on a particular product or service. It is synonymous with level 2 service, service line 2, administrative-level service, and various other headings denoting advanced technical troubleshooting and analysis methods. Technicians in this realm of knowledge are responsible for assisting Tier I personnel in solving basic technical problems and for investigating elevated issues by confirming the validity of the problem and seeking for known solutions related to these more complex issues. This team usually collects information such as program name that failed, application name, or any database-related details (e.g., table name, view name, package name) or Application Programming Interface (API) names. If the problem cannot be solved at this level due to complexity or lack of permission, then the problem is elevated to the next tier.
• Provide internal and external IPv4 primary and secondary DNS services for USSOUTHCOM security ESS network.
• Operate and maintain enterprise applications and devices for network Authentication, Authorization, and Accounting (AAA), port authentication, network end-device compliance, device profiling, and policy compliance.
• Configure and maintain all network equipment for log collection and retention according to applicable policies and regulations. This includes services to configure, maintain, analyze, and monitor data input and output from the SIEM tools in order to accurately detect and respond to problems, outages, and security threats. Provide intelligent insights that enable quick response measures to reduce the impact of incidents and proactively prevent future incidents. Configure, test, fine-tune, and maintain all rule sets within SIEM, rule sets exhibit fluidity to adapt to changes within the AO Uniform environment. Analyze and investigate all alerts/offences generated within SIEM daily and resolve offences upon termination of analysis/investigation.
• Analyze fine-tune rule sets to reduce false positives within the SIEM.
• Manage, update, and troubleshoot all Storage Area Network (SAN) and other storage technology devices across the USSOUTHCOM Security ESS network.
• Backups - USSOUTHCOM requires backup services including file-level and system-level recovery services. Provide technical recommendations for government approval with a successful Backup Plan that supports the traditional IT backup. The Backup Testing Schedule of the Backup Plan shall be completed according to the schedule, and Backup Testing Results.
• Provide services for virtualized platforms and systems which include, but are not limited to, automated system provisioning, deployment, and servicing of multiple physical and virtual enclaves.
• Provide all AD management services including, but not limited to, DNS, DHCP, group policy, and certificates.
• Application Operations - USSOUTHCOM requires services covering engineering, installation, and O&M of various applications and their operating environments.
• Provide systems operations services including manual and automated processes to perform activities such as imaging, patching, application deployment, system monitoring, application monitoring, and service operations.
• End User Device Operations - USSOUTHCOM requires engineering, installation, and O&M services for multiple end-user device types. These services include, but are not limited to, manual and automated provisioning/de-provisioning, thin/zero client services, imaging, monitoring, patching, and application virtualization.
• Engineer, install, operate, and maintain a password management system.
• Provide a Tier 3 IT problem solving solution and have the ability to identify, document, and resolve major problems. Operate, monitor, alert, manage, maintain, install, and troubleshoot USSOUTHCOM Security ESS network infrastructure devices and services. Provide services for all aspects of network management and operations, including technical support for the development of policies, procedures, implementation, technology integration, and guidance for both scheduled and unscheduled maintenance.
• Conduct monthly scan and identify vulnerabilities in the ESS network in accordance with all applicable DoD References and recommend corrective action to the COR.
• Provide daily monitoring, review, analysis and evaluation of ESS process, technology and assess and recommend upgrades as needed to maintain system viability.
• Apply OS patches and/or STIGs and upgrades on a regular basis, and upgrade administrative tools and utilities. Configure and add new services as necessary. Perform periodic performance reporting to support capacity planning. Perform ongoing performance tuning, hardware upgrades, and resource optimization as required. Configure CPU, memory, and disk partitions as required.
• Provide daily, weekly, monthly reports on system health, system accuracy, system operations, and other metrics as required by the COR or KO in maintaining the uninterrupted protection of classified information processing areas.
• Expected to respond to critical ESS failures after duty hours, on holidays, or weekends as needed to maintain the integrity and accreditation/certification of DoD classified information processing areas. Provide and maintain standby roster for after/off duty hours response. Standby personnel must respond within two (2) hours.
• Assist with the sustainment and maintenance of all ESS and CCTV network infrastructure from base provided communication infrastructure demarcation point to all ESS and CCTV downstream devices as well as leased lines. Assist in the troubleshooting of failures due to issues caused by others. Troubleshooting may require the use of a lift or similar vehicle.
• Integrate ESS hardware with ESS network infrastructure such as network switches, servers, fiber transfer systems, battery back-up systems, and other devices as required to successfully operate the ESS.
• Establish a written preventative maintenance plan to maximize the operational capability of all security systems; update and submit annually.
• Train users on equipment operation and maintenance, generate and dispense user codes, and provide end-user training documentation as required by the COR or KO. Retain copies of documentation for one (1) year. Adhere to incident reporting requirements and handling procedures as required by USSOUTHCOM regulations, and CJCSI Cyber Conditions (CYBERCON).
• Develop and establish a system to track maintenance agreements with Lenel, VX Rail, Quest, Solar Winds, Microsoft, NETAPP, Thales, and all other software/hardware components that support ESS.
• Update status on Weekly Activity Report (WAR).
• Provide Physical Security support managed by the PM to include but not limited to customer service, X-Ray machine relocation/maintenance, Autocrib relocation/maintenance, and etcetera.
• Research, advise, and provide recommendations/quotes for all ESS and Physical Security enhancements procurements. The items include but are not limited to; all ESS components including IT hardware and software, X-Ray machines, metal detectors, turnstiles, PED storage and other physical security enhancements.

Required qualifications/skills (Must Be Reflected on Your Resume):

• 5 years of related experience.

• Knowledge of the Federal Enterprise Architecture (FEA) and Department of Defense (DoD) Enterprise Architecture framework (e.g., SIPR, NIPR and Joint Worldwide Intelligence Communications Systems (JWICS) networks), and the Information Technology (IT)/Cybersecurity rules and regulatory authorities to develop and implement policies and planning concepts, and project management methods.

• Knowledge of governing laws, regulations, precedents, and directives governing DoD security programs (e.g. information, personnel, physical, industrial, etc.)

• Knowledge and perspective of the operational, procedural, and technical standards that achieve interoperability with other non-DoD Federal Government agencies

• Proficient using basic Microsoft Office software applications (e.g., Word, PowerPoint, Excel, and Access).

• Proficient in using personnel security processing tools, including the DoD personnel security system of record (e.g., DISS, etc.) and National Background Investigation System (NBIS).

• Must possess a current CompTIA Security + (SEC+) or equivalent certification.

• Must possess a current CISCO Certified Network Associate (CCNA) certification or equivalent.

• Active TS/SCI (within 5 years)

Desired Education and Experience:

• Bachelor's degree in a related field, preferred

• Lenel Certified Professional (LGE-Core, LGE-Access, and LGE- Enterprise), preferred

Come on board with a company that Values its Employees!

Celestar Corporation is an Equal Opportunity Employer. The Celestar Corporation prohibits discrimination, harassment, and retaliation in employment based on race; color; religion; genetic information; national origin; sex (including same-sex); sexual orientation; gender identity; pregnancy, childbirth, or related medical conditions; age; disability or handicap; citizenship status; marital status; service member/protected veteran status; or any other category protected by federal, state, or local law.