JCIP Expert Reviewer – UNIX

Roles and Responsibilities

JCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). Conduct thorough technical assessments of UNIX-based systems (e.g., Solaris, AIX, Linux variants) for compliance with Intelligence Community Directives (ICDs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 Rev 5 and 800-171 controls.

JCIP Technical Reviewers play a pivotal role in evaluating the cybersecurity posture of enterprise environments across the Intelligence Community (IC). Conduct thorough technical assessments of UNIX-based systems (e.g., Solaris, AIX, Linux variants) for compliance with Intelligence Community Directives (ICDs), Security Technical Implementation Guides (STIGs), Security Requirement Guides (SRGs), and NIST 800-53 Rev 5 and 800-171 controls.

• Perform manual audits of UNIX configurations, user access controls, file system permissions, patch management, and security logging.
• Analyze vulnerabilities related to UNIX systems and recommend mitigation strategies aligned with JCIP and IC security policies.
• Interpret and apply complex STIG requirements specific to UNIX environments.
• Collaborate with system administrators, security teams, and leadership to present findings and provide actionable security recommendations.
• Lead and mentor Level 1 UNIX inspectors, providing guidance on technical evaluations and inspection reporting.
• Stay updated on emerging UNIX threats, patches, and best practices for system hardening.
• Participate in inspection planning, execution, and reporting.
• Travel as required to support onsite inspections. (8‑12 weeks of travel avg, some international and passport required).
• The primary day‑to‑day seat is at Tysons Corner.

• Deep understanding of UNIX operating systems including Solaris, AIX, and major Linux distributions (Red Hat, CentOS, Ubuntu).
• Expertise in system hardening, patch management, user and group management, file permissions, and security auditing.
• Proficient in interpreting UNIX‑specific STIGs and aligning findings with NIST 800‑53/800‑171 controls.
• Familiarity with shell scripting for automation of audit and remediation tasks.

• Strong hands‑on experience performing manual UNIX system security audits.
• Ability to analyze system logs, identify anomalies, and assess system security posture.
• Effective verbal and written communication skills for technical briefings and reporting.
• Leadership and mentoring capabilities for guiding junior inspectors.

• Independently lead UNIX inspections with minimal supervision.
• Provide expert recommendations for system configuration and architecture improvements.
• Manage inspection schedules and deliverables effectively.
• Adapt inspection techniques to diverse UNIX environments and organizational policies.

• Obtain an IAT‑III or Maintain IAT Level III Certification in compliance with DoD 8570.01‑M and DoD Directive 8140 Cyberspace Workforce Management.
• CASP+ CE
• CCNP Security
• CISA
• CISSP (or Associate)
• GCED
• GCIH
• CCSP

• Level 1 - CompTIA Linux+, Red Hat Certified System Administrator (RHCSA), Solaris Certified System Administrator (SCSA)
• Level 2 - Red Hat Certified Engineer (RHCE), Linux Professional Institute Certification (LPIC‑2), Certified Information Systems Security Professional (CISSP)
• Level 3 - Red Hat Certified Architect (RHCA), GIAC Certified UNIX Security Administrator (GCUX), CISSP‑ISSAP

Possess a master’s degree, with 8+ years of total experience/equivalent certifications.

Master’s degree may be substituted with a bachelor’s degree and 5+ years of additional experience/equivalent certifications, for a total of 13+ years.

Hold a Top Secret Security Clearance with SCI eligibility.

Ability to Pass CI Poly.