SAP Security Information and Events Management (SIEM) Analyst

SIEM Analyst 

Key Role: 

Our SAP SIEM Analyst will provide Analysis of Operating System, Application and Network Logs to support the defining and implementing of Cyber security for an ARMY IT Program of Record within the financial sector.  The Analystwill develop, review and maintain policy development and integration of all log files being captured in a 30K user base system to be proactive with active threats to secure the system. 

Requirements: 

SOC Incident Response Lead and ArcSight Support.  Leads architectural design, specification, and maintenance of security products and services.  Must have backgrounds in network planning and design implementation, and operations.  Applies business and technology skills with structured methodologies to deliver complex solutions to the customer. Analyzes potential infrastructure security incidents to determine if an incident qualifies as a legitimate security breach.  Perform network incident investigations determining the cause of the incident and preserving evidence for potential legal action. Interface with technical personnel and make recommendations on corrective actions for incidents.  Configure and manage infrastructure solutions and development.

  • Administer controls and review their application to ensure that system's controls, policies, and procedures are operating effectively relative to the predicted effectiveness of the controls.

  • Plan and/or conduct tests of the core infrastructure and the contingency environment for critical business applications to ensure business continuity in the event of a computer security incident.

  • Aggregate metrics of operation of security controls, as well as apparent attacks, breaches, and other pertinent data; track trends and prepare for periodic security reports.

  • Participate in projects designed to test defenses against hacking, denial of service, spam, break-ins, or similar attacks. May provide guidance to infrastructure or application staff participating in exercise.

  • Examine and/or test new methodologies or tools that could be adopted to enhance security of platforms, infrastructure, or access to data

Basic Qualifications: 

  • SAP Experience or other ERPs

  • Experience with developing, reading and creating Scripts

  • Experience with any of the following SIEM tools: Splunk, Archsight, QRadar

  • SAP Basis, expertise with any of the financial modules, or SAP infrastructure

  • Experience with Fortify and CAST

  • Understanding of the fundamentals in TCP/IP and the OSI model, as well as common routing protocols

  • At least 5 years' experience administering Unix, Solaris, Linux, Window's Server and Networking 

  • At least 2 years' experience providing Network and Infrastructure Audit support

  • Understanding of threat agents, attack vectors, and attack patterns as well as compensating controls and design patterns needed to mitigate risk

  • At least 5 years Vulnerability tools experience preferably with ArcSight and knowledge about other popular tools to include, but not limited to SPLUNK, Tenable, etc.

  • BA or BS degree in a relevant field

Clearance: 

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. 

SECRET clearance is required. 

Travel:  Up to 2% travel domestically in the Continental United States. 

EOE, M/F/Disability/Vet. 

Location United States-Virginia-Arlington

Job Number: A132

About MMS: Headquartered in Havre de Grace, Maryland, as Veteran-Owned, Small Business, Modern Mission Systems (MMS) employs System Engineers, DevOps Engineers, Security/Cyber Analysts, IT Specialist and Logistics Engineers and other professionals who strive to provide outstanding service to our Clients. Integrating a full range of service capabilities, MMS is the solutions provider that can assists our clients today to drive the development of tomorrow’s next-generation products and solutions.

*US Citizenship is Required

Job Type IT Cyber Services

Primary Location United States-NOVA                                

Employee Status Permanent                                                                                       

Schedule Full Time                                                                                                        

Clearance SECRET                                                                                                               

Job Level: Associate


SAP Security Analyst

Security Analyst 

Key Role: 

Our SAP Security Analystwill provide supportfor an ARMY IT Program of Record, the General Funds Enterprise Business System (GFEBS).    The SAP Security Analyst will be responsible for leadership, knowledge and technical skills to support GFEBS SAP landscape.  The primary focus of this role is SAP security authorization and user access administration across multiple SAP systems, as well as, administration and support of the GRC suite of applications and related processes.  Responsible for closely working with system integrators, PMO staff, and Shared Services Organization to enable user community to achieve their roles and objectives, while providing proper controls.

Requirements: 

The SAP Security Analysts responsibilities include but not limited to:

  • Responsible for application security for SAP environments to ensure all application modules are functional and secure.

  • Ensures the integrity and protection of SAP environments through technical enforcement of organizational security policies and monitoring of vulnerabilities.

  • Work closely with the Internal Audit, Business, SAP Functional support and Basis teams

  • Works with business and project teams to troubleshoot issues with authorization objects and identify and implement appropriate solutions

  • Understand compliance requirements which may impact security and works with business and project teams to develop security solutions which address these requirements

  • Establish, document, and ensure adherence to SAP security policies and procedures.

  • Perform routine audits to identify weaknesses in SAP system security configurations and coordinate with management to remediate.

  • Manage the full life cycle of role changes from design, development, testing, final move to production

  • Run and monitor all Security related reports, look for issues, communicate concerns and provide solutions in a timely manner.

  • Ensure appropriate IT processes, procedures, and standards are in place and being followed.

  • Assist with analysis of applicability of SAP security Notes, Hot Notes to environments(s)

  • Serve as a trusted security adviser

Basic Qualifications: 

  • SAP Experience or other ERPs

  • Bachelor's Degree in Information Systems or related field

  • 10+ years of IT experience with emphasis on SAP Solutions.

  • 10+ years' experience in designing, deploying, and supporting SAP Security roles and user accounts preferably in public sector. GFEBS experience is highly desired.

  • In-depth knowledge of SAP authorization concepts for ECC, BW, BO, SRM, PI, Enterprise Portal, Solution Manager and HANA environments. Fiori knowledge is desirable.

  • 5+ Expertise with the GRC 10.X suite of applications, Segregation of Duties, and Audit processes. Experience with latest version GRC desirable.

  • Experience in the following SAP modules: FI, CO, FM, PS, MM, SD, HR

  • Experience working with end users to translate business requirements to technical specifications for SAP ECC 6.0 (Financials) and BW/ BI.

  • Experience in BW, Business Objects, HANA database Security

  • Experience in setting up analytical and SQL privileges, Roles and granting of access

  • Expertise in IT processes, project life cycles and agile methodology

Clearance: 

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. 

SECRET clearance is required. 

Travel:  Up to 2% travel domestically in the Continental United States. 

EOE, M/F/Disability/Vet. 

Location United States-Virginia-Arlington

Job Number: A133

About MMS: Headquartered in Havre de Grace, Maryland, as Veteran-Owned, Small Business, Modern Mission Systems (MMS) employs System Engineers, DevOps Engineers, Security/Cyber Analysts, IT Specialist and Logistics Engineers and other professionals who strive to provide outstanding service to our Clients. Integrating a full range of service capabilities, MMS is the solutions provider that can assists our clients today to drive the development of tomorrow’s next-generation products and solutions.

*US Citizenship is Required

Job Type IT Cyber Services

Primary Location United States-NOVA                                

Employee Status Permanent                                                                                       

Schedule Full Time                                                                                                        

Clearance SECRET                                                                                                               

Job Level: Associate


Test/Systems Engineer Mid

Test/Systems Engineer Mid

Key Role: 

Our Test/Systems Engineer will provide supportfor an ARMY IT Program of Record.  The Test/Systems Engineerwill define, monitor and review and software test events for the program, the General Funds Enterprise Business System (GFEBS) Sensative Activies.  The Test/Systems Engineer will reviewall testing and test reports disseminated to the PMO and maintain traceability to system level requirements.  The Test/System Engineer will ensure the Gov Test Strategy is executed in accordance with DoD, and ARMY best practices and policies. 

Requirements: 

The Test/Systems Engineer will be responsible for the review, creation, update, and maintenance of Test Plans, Test Cases, and developing / updating test automation scripts.  They shall use defect tracking tools to document, track, and report defects and defect resolution.  They shall work in large SAP ERP projects and support the new capabilities testing and the operational testing of the software in on-premise and cloud environments.  They shall use tools which could support requirements traceability to test conditions.  They have a proven track record of implementing and utilizing automated testing tools and frameworks in large DoD organizations.  They exhibit the ability to work independently and as part of a team in a high paced environment.

Basic Qualifications: 

  • BA/BS in Information Systems Management, Computer Science, or equivalent related field

  • 3-5 years experience coordinating software testing activities in a government environment (DOD/Army a big plus)

  • Familiarity with DOD and Army Acquisition documentation and regulations

  • 3-5 years experience developing/documenting use/test cases and scripts

  • 3-5 years experience mapping test cases to requirements

  • Knowledgeable in the ITIL service validation and testing process a plus

  • Familiarization with Waterfall and Agile software testing methodologies/processes

  • Familiarization with the ServiceNow Automated Test Framework and automated testing module is a plus

  • Experience creating software test plans, test results reports, and defect tracking and reporting is a necessity.  

Clearance: 

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. 

SECRET clearance is required. 

Travel:  Up to 2% travel domestically in the Continental United States. 

EOE, M/F/Disability/Vet. 

Location United States-Virginia-Arlington

Job Number: A131 

About MMS: Headquartered in Havre de Grace, Maryland, as Veteran-Owned, Small Business, Modern Mission Systems (MMS) employs System Engineers, DevOps Engineers, Security/Cyber Analysts, IT Specialist and Logistics Engineers and other professionals who strive to provide outstanding service to our Clients. Integrating a full range of service capabilities, MMS is the solutions provider that can assists our clients today to drive the development of tomorrow’s next-generation products and solutions.

*US Citizenship is Required

Job Type IT Test Services                                                                                

Primary Location United States-NOVA                                

Employee Status Permanent                                                                                       

Schedule Full Time                                                                                                        

Clearance SECRET                                                                                                               

Job Level: Associate