Sr. Systems Engineer - 3226

Metro Systems, Inc. is seeking a Senior Systems Administrator/Network Engineer with experience in Windows, Linux, Cisco, and Security to join our client’s team in Washington, DC, supporting the Department Of Justice.


Requires detailed technical expertise and in-depth knowledge, skill, ability, and experience designing, developing and implementing enterprise-level network platforms involving the following technologies:

Required Expertise

Windows System Administration

  • Building and administrating Microsoft Windows Servers
  • Building and administrating VMware EXSi servers to host Windows Vms
  • Building and administrating VMware vSphere Essentials Plus servers to host Windows Vms
  • Building and using Windows remote Activation Servers
  • Patching servers using Shavlik
  • Maintaining an Active Directory to push security settings to servers
  • Configuring HP Blade Systems and Virtual Connects
  • Managed storage on HP EVA and MSA storage systems
  • Called support vendors and oversaw hardware repairs
  • Configured and maintained a Symantec Endpoint Security Server
  • Administered servers running MS SQL Server and aided in simple tasks to maintain the database
  • Have used a Systems Change Request system for change approvals
  • Written scripts to synchronize directories using Beyond Compare or other tool
  • Managed jobs in the task scheduler
  • Managed a server remote control system with Radmin or similar software
  • Configured individual and group level access to files and directories
  • Have done disaster recovery planning and implementation
  • Sent log information to a log aggregation system such as ArcSight
  • Built and maintained an HP Systems Insight Manager (SIM) server – and registered the following OS’ to report state and confirmation information dynamically:   
    • Linux
    • Windows Server
    • HPUX
    • Solaris
  • Maintained a DNS server and configured zone transfers
  • Managed a Certificate Authority server and installed certificates for SSL
  • Managed Web servers using advanced IIS settings 

    Linux System Administration

  • Building and administrating Red Hat Enterprise Virtualization for Servers
  • Building and administrating Red Hat Enterprise Linux Servers
  • Using GFS2, KVM, and clustering Linux systems
  • Patching and building servers using Red Hat Network Satellite Server
  • Configuring HP Blade Systems and Virtual Connects
  • Managed storage on HP EVA and MSA storage systems
  • Configured zones on HP/Brocade Fiber Switches
  • Monitoring server hardware health, OS state and network connectivity, real-time and via SMTP e-mail notifications
  • Managing data and systems backups using Legato Networker and tapes
  • Configuring and maintaining Snort IDS devices
  • Used Putty, Xming and WinSCP on Windows desktops
  • Leveraging Systems Change Request system for change approvals
  • Development of complex unix shell scripts
  • Managed cron jobs
  • Configured individual and group level access to files and directories
  • Loaded data from a wide verity of devices and formats
  • Disaster recovery planning and implementation
  • Supporting SAS, Stata and Gaus econometric application in a Red Hat Linux environment
  • Administrating Oracle RH Linux Virtualization
  • Configured LDAP based authentication
  • Symantec NetBackup and EMC Legato backup operations
  • Management of HP Tape Libraries

Network Administration Support

  • Cisco router, switch and firewall installation, configuration and administration
  • Linux server installation, configuration and administration
  • Windows server installation, configuration and administration
  • Security Systems installation, configuration and administration
  • Security Certification and Administration services
  • Manage on and off site tape backups
  • Manage dedicated fiber network linking servers with SAN devices
  • Comprehensive support for Oracle DBA and Developer staffs
  • Comprehensive support for Stata/SAS Programmers

Desired Expertise

Cisco System and Network Administration

  • Cisco router design, installation, configuration, and administration
  • Cisco switch design, installation, configuration, and administration
  • Cisco firewall design, installation, configuration, and administration
  • Familiarity with zones on HP/Brocade Fiber Switches
  • SolarWinds network monitoring design, installation, configuration, and administration

Nice to have Expertise

Security Engineering - Systems Security Analysis and Engineering - Familiarity, limited experience and the ability to learn the following:

  • Vulnerability & Patch Scans - Configures, builds templates, and executes vulnerability and patch scan software.  Analyses results and works closely with system administrators and DBAs to remediate vulnerabilities, or document the business requirements which make the acceptance of the risks associated with identified vulnerabilities acceptable.  Vulnerability scan tools
    • Nessus Software
    • AppDetective Data Base Scan Software
    • Foundstone Server Scan Software
  • Security Information Management (SIM) Software - Management and monitoring of SIM audit log data, development of policies and procedures for SIM operations,  development of queries, reports and executive dashboards, and business rules for automatic SMTP e-mail notifications on high risk alerts, for: A
    • ArcSight SIEM
  • Deep Packet Inspection Software
    • RSA Security Analytics / NetWitness
  • Anomaly Detection Software
    • Riverbed Cascade
  • Configuration Management Data Base (CMDB) software
  • Network Intrusion Detection and Host Based Intrusion Detection hardware and software.
    • SourceFire Snort IDS/IPS
  • Firewall Software
    • Cisco PIX
    • Symantec End Point
  • Security C&A Analysis and Documentation
    • Performing and documenting risk assessments, analyzing security vulnerabilities, and the metrics to measure the risks associated with those vulnerabilities;
    • Based on the risk profile of the analyzed systems, development and documentation of a IT security policies and procedures for ameliorating those risks;
    • Design, development and documentation of comprehensive Systems Security Plan, covering at a high level the infrastructure, and policies and procedures which define the systems security profile for the analyzed systems;
    • Development of Systems Security Users Guides specific to selected networks, desktop computers, servers and data base systems;
    • Design, development, and validation of System Test and Evaluation (ST&E) reviews for new and/or legacy systems.
  • In summary, specific C&A documents to be prepared, reviewed and/or strengthened include:
    • Systems Security Plan
    • Risk Assessment
    • Contingency Plan
    • Incident Response Plan
    • System Test and Evaluation
    • Privileged Rules of Behavior
    • Interconnect Security Agreement (ISA)
    • Plans of Action and Milestones (POA&Ms)
    • NIST 800-53 Security Control analysis, assessment, and best practice-based remediation planning and documentation.

Required Minimum Qualifications

?  Five (5) years’ experience in the use of structured analysis, design methodologies and design tools, and other design techniques, object oriented principles, and experience with the logical, physical, functional, operation, and technical architecture of large and complex information systems. Experience in managing systems architects and design.

? Red Hat Linux

? Windows Server

? Must be able to obtain a security clearance

Minimum Education: Bachelor’s Degree in Computer Science, Information Systems, Engineering, Business, or other related discipline.

Desired Qualifications

? Cisco network equipment          

? Strong communication and interpersonal skills that include demonstrated abilities to prepare and deliver reports, presentations, and briefings for senior management

? Capability to successfully collaborate with technical staff, professional staff, and executive management.

Nice to have Qualifications

?  Security engineering  

?  Certified Information Systems Security Professional (CISSP) - maintained and current


MSI is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin.