Location: Huntsville, AL

Why this role exists: Secret Squirrel’s research and mission systems rely on hardened Linux hosts. You’ll help keep those systems patched, monitored, documented, and resilient—learning modern sysadmin habits along the way.

What you’ll do:

• Install and configure Linux distributions (e.g., Ubuntu, Rocky/Alma, Debian) on workstations/VMs, including basic networking, users, and services.
• Apply updates/patches, manage packages, and perform routine health checks to maintain system stability and security.
• Monitor performance and logs; triage common issues (disk, memory, service failures) and escalate when needed.
• Create and maintain user accounts and groups following least‑privilege practices.
• Assist with backups and basic restore tests to support recovery objectives.
• Contribute simple Bash/Python scripts to automate repetitive tasks (e.g., inventory, log rotation, backup jobs).
• Document SOPs (installation steps, checklists, rollback plans) and keep them current.
• Support basic virtualization/container tasks (e.g., KVM/VirtualBox/Podman/Docker) as directed by senior admins.

Minimum qualifications:

• Familiarity with Linux CLI, filesystems, users/groups, and service management (systemctl).
• Understanding of TCP/IP, DNS/DHCP basics, and host firewall concepts.
• Ability to follow SOPs and accurately document steps/results.

Desired qualifications:

• Exposure to monitoring tools and log review (e.g., journalctl, top/htop, syslog).
• Intro experience with config management or scripting for automation.

NICE‑aligned KSAs (junior subset) – Work Role: Systems Administration (IO‑WRL‑005):

• Knowledge (K):
• K0744 — Operating system (OS) systems and software (Linux fundamentals, processes, services).
• K0758 — Server administration principles and practices.
• K0728 — Confidentiality, Integrity, Availability (CIA) principles.
• K0685 — Access control principles (accounts, groups, sudo).
• K0983 — Computer networking principles and practices.
• K1069 — Virtual machine tools and technologies.
• Skills (S):
• S0674 — Installing system and component upgrades (patching/packages).
• S0672 — Troubleshooting failed system components.
• S0613 — Configuring software‑based protection tools (host firewalls/AV).
• S0606 — Manipulating OS components (services, init scripts, kernel modules at a junior level).
• S0407/S0408 — Developing and maintaining SOPs.

Location: Huntsville, AL

Why this role exists:Our SOC monitors aerospace/defense systems for suspicious activity, triages alerts, and escalates incidents quickly. As a junior analyst, you’ll perform first‑line detection and triage and learn structured analysis and documentation practices.

What you’ll do:

• Monitor SIEM/EDR dashboards and ticket queues; validate alerts against known baselines and playbooks.
• Perform initial triage: gather context (host/user, process/network indicators), assess severity, and escalate per SOPs.
• Look up vulnerabilities, IOCs, and tactics using recognized sources; maintain good case notes.
• Use basic network analysis techniques to examine logs/pcaps for anomalies under mentor guidance.
• Assist with detection tuning by documenting false positives and proposing simple rule refinements.
• Support credential‑hygiene efforts (ticketing, resets, simple checks) and document outcomes.

Minimum qualifications:

• Basic understanding of security fundamentals (CIA triad, least privilege, common attack vectors).
• Comfort reviewing system/network logs and following written procedures.
• Curiosity and rigor in note‑taking, evidence collection, and escalation.

Desired qualifications:

• Exposure to a SIEM/EDR and simple query languages (e.g., KQL/SPL).
• Awareness of industry models/frameworks used in defensive operations.

NICE‑aligned KSAs (junior subset) – Work Role: Systems Security Analysis (IO‑WRL‑006)

• Knowledge (K):
• K0723 — Vulnerability data sources (e.g., NVD, vendor advisories) to support alert triage.
• K0924 — Network analysis tools and techniques (high‑level familiarity for log/pcap review).
• K0756 — Security management principles and practices (policy, exceptions, approvals).
• K0707 — Database systems and software (for querying/understanding event storage).
• K0879 — Industry cybersecurity models/frameworks (to organize findings consistently).
• K1222 — System availability requirements (impact awareness during incidents).
• Skills (S):
• S0484 — Developing/supporting user‑credential management workflows (junior support tasks, not design).
• S0600 — Collecting relevant data from multiple sources (alerts, logs, asset DBs).
• S0511 — Establishing priorities (alert triage order and escalation).

Location: Huntsville, AL

Why this role exists:You’ll help deploy and maintain Windows servers/clients that support mission‑critical operations—keeping them secure, patched, backed up, and documented.

What you’ll do:

• Install, configure, and maintain Windows servers/services; assist with upgrades and migrations.
• Manage user accounts, groups, and access controls (AD, basic GPO tasks) under guidance.
• Monitor performance, review logs, troubleshoot common server/workstation issues, and escalate complex cases.
• Apply OS/firmware patches and antivirus updates; support vulnerability remediation plans.
• Perform routine backups and assist with restores and DR exercises.
• Document configurations, changes, and procedures in clear SOPs.

Minimum qualifications:

• Familiarity with Windows Server fundamentals, AD, DNS/DHCP, and basic networking.
• Ability to follow SOPs, track tickets, and communicate clearly with end users.

Desired qualifications:

• Understanding of PowerShell scripting for small automations. [interviewguy.com]
• Exposure to monitoring or inventory tools and basic backup solutions.

NICE‑aligned KSAs (junior subset) – Work Role: Systems Administration (IO‑WRL‑005):

• Knowledge (K):
• K0758 — Server administration principles and practices (Windows focus).
• K0744 — Operating system systems and software..
• K0829 — Account creation policies and procedures.
• K1014 — Network security principles and practices.
• K0736 — IT security principles and practices (patching, hardening).
• Skills (S):
• S0674 — Installing system and component upgrades (patching/feature updates).
• S0672 — Troubleshooting failed system components.
• S0613 — Configuring software‑based protection tools (Defender AV/Firewall).
• S0407/S0408 — Developing and maintaining SOPs (joiners/leavers, backup procedures).
• S0451 — Deploying continuous monitoring technologies (basic agent health checks, log forwarding).