Job Requirements
Doral, FL
Top Secret/SCI Polygraph not specified
Mid Level Career (5+ yrs experience)
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
PHYSICAL SECURITY NETWORK ENGINEER – SOUTHCOM J2
JOB DESCRIPTION
Position Title: Physical Security Network Engineer
Employment Status: Full-Time, Salaried, Exempt
Location: Doral, Florida
Security Requirements: Top Secret/SCI Security Clearance
POSITION SUMMARY:
Buffalo Horse Inc. is seeking a Physical Security Network Engineer to support USSOUTHCOM
J2 Physical Security Services. The primary place of performance is Doral, FL.
Duties include but are not limited to:
• Responsible for the ESS/LENEL network infrastructure, operation/maintenance (O&M)
and lifecycle.
• Provide IT Tier 3 Service - Typically the highest level of services in a three-tiered
technical service model responsible for handling the most difficult or advanced problems.
The employee shall be an expert in their fields and are responsible for the research and
development of solutions to new or unknown issues.
• Shall analyze the code, data and in some instances, an issue may be so problematic to the
point where the product cannot be salvaged and must be replaced. If it is determined that
a problem can be solved, then the employee is responsible for designing and developing
one or more courses of action, evaluating each of these courses in a test-case
environment, and implementing the best solution to the problem. Once the solution is
verified, it is delivered to the customer and made available for future troubleshooting and
analysis with government maintaining final approval authority.
• Configuring, maintaining, analyzing, and monitoring data output from the ESS network
security hardware to accurately detect and respond to threats across the network. The
employee shall operate, monitor, alert, manage, maintain, install, and troubleshoot the
ESS network infrastructure devices and services. The employee shall provide technical
recommendations for the development of policies for all aspects of network management
and operations.
• Provide internal and external IPv4 primary and secondary DNS services for
USSOUTHCOM security ESS network.
• Monitoring and Management Solutions - Leverage the Fault, Configuration,
Accounting/Administration, Performance, and Security (FCAPS) framework for network
management.
• Shall monitor, alert, and forecast problems before they arise, which is a key component to
healthy and self-healing IPv4 networks. The employee shall alert and consult the
Government on any fault, performance, and/or security issues that may arise.
buffalohorseinc.com
,• Access Control - Operate and maintain enterprise applications and devices for network
Authentication, Authorization, and Accounting (AAA), port authentication, network end-
device compliance, device profiling, and policy compliance.
• Log Management - Configure and maintain all network equipment for log collection and
retention according to applicable policies and regulations. This includes services to
configure, maintain, analyze, and monitor data input and output from the SIEM tools in
order to accurately detect and respond to problems, outages, and security threats. Provide
intelligent insights that enable quick response measures to reduce the impact of incidents
and proactively prevent future incidents.
• Configure, test, fine-tune, and maintain all rule sets within SIEM, and employee shall
rule sets exhibit fluidity to adapt to changes within the AO Uniform environment. The
employee shall analyze and investigate all alerts/offences generated within SIEM on a
daily basis and resolve offences upon termination of analysis/investigation.
• Analyze and fine-tune rule sets to reduce false positives within the SIEM.
• Manage, update, and troubleshoot all Storage Area Network (SAN) and other storage
technology devices across the USSOUTHCOM Security ESS network.
• Backups - USSOUTHCOM requires backup services including file-level and system-
level recovery services. Develop and implement a successful Backup Plan that supports
the traditional IT backup. The Backup Testing Schedule of the Backup Plan shall be
completed according to the schedule, and Backup Testing Results. These are
recommendations for government approval.
• Virtualization - Provide services for virtualized platforms and systems which include, but
are not limited to, automated system provisioning, deployment, and servicing of multiple
physical and virtual enclaves.
• Provide all AD management services including, but not limited to, DNS, DHCP, group
policy, and certificates.
• Application Operations - USSOUTHCOM requires services covering engineering,
installation, and O&M of various applications and their operating environments.
• Provide systems operations services including manual and automated processes to
perform activities such as imaging, patching, application deployment, system monitoring,
application monitoring, and service operations.
• End User Device Operations - USSOUTHCOM requires engineering, installation, and
O&M services for multiple end-user device types. These services include, but are not
limited to, manual and automated provisioning/de-provisioning, thin/zero client services,
imaging, monitoring, patching, and application virtualization.
• Engineer, install, operate, and maintain a password management system. These are
recommendations for government approval.
• Provide a Tier 3 IT problem solving solution and have the ability to identify, document,
and resolve major problems. Operate, monitor, alert, manage, maintain, install, and
troubleshoot USSOUTHCOM Security ESS network infrastructure devices and services.
Provide services for all aspects of network management and operations, including
policies, procedures, implementation, technology integration, and guidance for both
scheduled and unscheduled maintenance. These are recommendations for government
approval
• Adhere to incident reporting requirements and handling procedures as required by
USSOUTHCOM regulations, and CJCSI Cyber Conditions (CYBERCON).
,• Respond to critical ESS failures after duty hours, on holidays, or weekends as needed to
maintain the integrity and accreditation/certification of DoD classified information
processing areas.
• Provide and maintain standby roster for after/off duty hours response.
• Develop and establish a system to track maintenance agreements with Lenel, Quest, Solar
Winds, Microsoft, NETAPP, Thales, and all other software/hardware components that
support ESS. Update status on Weekly Activity Report (WAR).
• Research, advise, and provide recommendations/quotes for all ESS and Physical Security
enhancements procurements. The items include but are not limited to; all ESS
components including IT hardware and software, X-Ray machines, metal detectors,
turnstiles, PED storage and other physical security enhancements. The Contractor shall
adhere to all federal, local, and USSOUTHCOM J2 Physical Security policies regarding
procurements
• Provide Physical Security support as assigned by government leadership to include but
not limited to customer service, X-Ray machine relocation/maintenance, Autocrib
relocation/maintenance, and more.
Minimum Requirements:
5 years of related experience.
• Knowledge of the Federal Enterprise Architecture (FEA) and Department of Defense
(DoD) Enterprise Architecture framework (e.g., SIPR, NIPR and Joint Worldwide
Intelligence Communications Systems (JWICS) networks), and the Information
Technology (IT)/Cybersecurity rules and regulatory authorities to develop and implement
policies and planning concepts, and project management methods.
• Knowledge of governing laws, regulations, precedents, and directives governing DoD
security programs (e.g. information, personnel, physical, industrial, etc.)
• Knowledge and perspective of the operational, procedural, and technical standards that
achieve interoperability with other non-DoD Federal Government agencies
• Proficient using basic Microsoft Office software applications (e.g., Word, PowerPoint,
Excel, and Access).
• Proficient in using personnel security processing tools, including the DoD personnel
security system of record (e.g., DISS, etc.) and National Background Investigation
System (NBIS).
• Must possess a current CompTIA Security + (SEC+) or equivalent certification.
• Must possess a current CISCO Certified Network Associate (CCNA) certification or
equivalent.
• Active TS/SCI (within 5 years)
,JOB TYPE:
• Full-time
• Salaried
• Exempt
BENEFITS:
• Health, Vision, and Dental Insurance
• Company Paid Life, Accidental Death and Dismemberment Insurance
• Voluntary Life Insurance
• Long Term and Short-Term Disability
• 401(k)
• Employee Assistance Program
• Paid Time Off
• Paid Holidays
Buffalo Horse, Inc. is a tribally owned corporation established by the Fort Belknap Indian
Community (FBIC) for the purpose of providing contract services to federal, state, and private
entities.
Buffalo Horse, Inc.’s goal is to develop a self-sustaining economy for the Aaniiih (Gros Ventre)
and Nakoda (Assiniboine) Nations through new businesses, job creation, and resource
development.
JOB DESCRIPTION
Position Title: Physical Security Network Engineer
Employment Status: Full-Time, Salaried, Exempt
Location: Doral, Florida
Security Requirements: Top Secret/SCI Security Clearance
POSITION SUMMARY:
Buffalo Horse Inc. is seeking a Physical Security Network Engineer to support USSOUTHCOM
J2 Physical Security Services. The primary place of performance is Doral, FL.
Duties include but are not limited to:
• Responsible for the ESS/LENEL network infrastructure, operation/maintenance (O&M)
and lifecycle.
• Provide IT Tier 3 Service - Typically the highest level of services in a three-tiered
technical service model responsible for handling the most difficult or advanced problems.
The employee shall be an expert in their fields and are responsible for the research and
development of solutions to new or unknown issues.
• Shall analyze the code, data and in some instances, an issue may be so problematic to the
point where the product cannot be salvaged and must be replaced. If it is determined that
a problem can be solved, then the employee is responsible for designing and developing
one or more courses of action, evaluating each of these courses in a test-case
environment, and implementing the best solution to the problem. Once the solution is
verified, it is delivered to the customer and made available for future troubleshooting and
analysis with government maintaining final approval authority.
• Configuring, maintaining, analyzing, and monitoring data output from the ESS network
security hardware to accurately detect and respond to threats across the network. The
employee shall operate, monitor, alert, manage, maintain, install, and troubleshoot the
ESS network infrastructure devices and services. The employee shall provide technical
recommendations for the development of policies for all aspects of network management
and operations.
• Provide internal and external IPv4 primary and secondary DNS services for
USSOUTHCOM security ESS network.
• Monitoring and Management Solutions - Leverage the Fault, Configuration,
Accounting/Administration, Performance, and Security (FCAPS) framework for network
management.
• Shall monitor, alert, and forecast problems before they arise, which is a key component to
healthy and self-healing IPv4 networks. The employee shall alert and consult the
Government on any fault, performance, and/or security issues that may arise.
buffalohorseinc.com
,• Access Control - Operate and maintain enterprise applications and devices for network
Authentication, Authorization, and Accounting (AAA), port authentication, network end-
device compliance, device profiling, and policy compliance.
• Log Management - Configure and maintain all network equipment for log collection and
retention according to applicable policies and regulations. This includes services to
configure, maintain, analyze, and monitor data input and output from the SIEM tools in
order to accurately detect and respond to problems, outages, and security threats. Provide
intelligent insights that enable quick response measures to reduce the impact of incidents
and proactively prevent future incidents.
• Configure, test, fine-tune, and maintain all rule sets within SIEM, and employee shall
rule sets exhibit fluidity to adapt to changes within the AO Uniform environment. The
employee shall analyze and investigate all alerts/offences generated within SIEM on a
daily basis and resolve offences upon termination of analysis/investigation.
• Analyze and fine-tune rule sets to reduce false positives within the SIEM.
• Manage, update, and troubleshoot all Storage Area Network (SAN) and other storage
technology devices across the USSOUTHCOM Security ESS network.
• Backups - USSOUTHCOM requires backup services including file-level and system-
level recovery services. Develop and implement a successful Backup Plan that supports
the traditional IT backup. The Backup Testing Schedule of the Backup Plan shall be
completed according to the schedule, and Backup Testing Results. These are
recommendations for government approval.
• Virtualization - Provide services for virtualized platforms and systems which include, but
are not limited to, automated system provisioning, deployment, and servicing of multiple
physical and virtual enclaves.
• Provide all AD management services including, but not limited to, DNS, DHCP, group
policy, and certificates.
• Application Operations - USSOUTHCOM requires services covering engineering,
installation, and O&M of various applications and their operating environments.
• Provide systems operations services including manual and automated processes to
perform activities such as imaging, patching, application deployment, system monitoring,
application monitoring, and service operations.
• End User Device Operations - USSOUTHCOM requires engineering, installation, and
O&M services for multiple end-user device types. These services include, but are not
limited to, manual and automated provisioning/de-provisioning, thin/zero client services,
imaging, monitoring, patching, and application virtualization.
• Engineer, install, operate, and maintain a password management system. These are
recommendations for government approval.
• Provide a Tier 3 IT problem solving solution and have the ability to identify, document,
and resolve major problems. Operate, monitor, alert, manage, maintain, install, and
troubleshoot USSOUTHCOM Security ESS network infrastructure devices and services.
Provide services for all aspects of network management and operations, including
policies, procedures, implementation, technology integration, and guidance for both
scheduled and unscheduled maintenance. These are recommendations for government
approval
• Adhere to incident reporting requirements and handling procedures as required by
USSOUTHCOM regulations, and CJCSI Cyber Conditions (CYBERCON).
,• Respond to critical ESS failures after duty hours, on holidays, or weekends as needed to
maintain the integrity and accreditation/certification of DoD classified information
processing areas.
• Provide and maintain standby roster for after/off duty hours response.
• Develop and establish a system to track maintenance agreements with Lenel, Quest, Solar
Winds, Microsoft, NETAPP, Thales, and all other software/hardware components that
support ESS. Update status on Weekly Activity Report (WAR).
• Research, advise, and provide recommendations/quotes for all ESS and Physical Security
enhancements procurements. The items include but are not limited to; all ESS
components including IT hardware and software, X-Ray machines, metal detectors,
turnstiles, PED storage and other physical security enhancements. The Contractor shall
adhere to all federal, local, and USSOUTHCOM J2 Physical Security policies regarding
procurements
• Provide Physical Security support as assigned by government leadership to include but
not limited to customer service, X-Ray machine relocation/maintenance, Autocrib
relocation/maintenance, and more.
Minimum Requirements:
5 years of related experience.
• Knowledge of the Federal Enterprise Architecture (FEA) and Department of Defense
(DoD) Enterprise Architecture framework (e.g., SIPR, NIPR and Joint Worldwide
Intelligence Communications Systems (JWICS) networks), and the Information
Technology (IT)/Cybersecurity rules and regulatory authorities to develop and implement
policies and planning concepts, and project management methods.
• Knowledge of governing laws, regulations, precedents, and directives governing DoD
security programs (e.g. information, personnel, physical, industrial, etc.)
• Knowledge and perspective of the operational, procedural, and technical standards that
achieve interoperability with other non-DoD Federal Government agencies
• Proficient using basic Microsoft Office software applications (e.g., Word, PowerPoint,
Excel, and Access).
• Proficient in using personnel security processing tools, including the DoD personnel
security system of record (e.g., DISS, etc.) and National Background Investigation
System (NBIS).
• Must possess a current CompTIA Security + (SEC+) or equivalent certification.
• Must possess a current CISCO Certified Network Associate (CCNA) certification or
equivalent.
• Active TS/SCI (within 5 years)
,JOB TYPE:
• Full-time
• Salaried
• Exempt
BENEFITS:
• Health, Vision, and Dental Insurance
• Company Paid Life, Accidental Death and Dismemberment Insurance
• Voluntary Life Insurance
• Long Term and Short-Term Disability
• 401(k)
• Employee Assistance Program
• Paid Time Off
• Paid Holidays
Buffalo Horse, Inc. is a tribally owned corporation established by the Fort Belknap Indian
Community (FBIC) for the purpose of providing contract services to federal, state, and private
entities.
Buffalo Horse, Inc.’s goal is to develop a self-sustaining economy for the Aaniiih (Gros Ventre)
and Nakoda (Assiniboine) Nations through new businesses, job creation, and resource
development.
group id: 91124287