Job Details

ID #3850886
State Georgia
City Warnerrobins
Full-time
Salary USD TBD TBD
Source S&K Technologies, Inc.
Showed 2020-05-01
Date 2020-05-02
Deadline 2020-07-01
Category Et cetera
Create resume

Info Assurance Support Spec

Georgia, Warnerrobins 00000 Warnerrobins USA

Vacancy expired!

POSITION PURPOSE: The Information System Security Officer shall monitor, coordinate, and conduct System Security evaluations, audits, and reviews.Essential Function:

Conducting DOD Risk Management Framework (RMF) (DoDI 8510.01) and Common Criteria process and controls and FISCAM (NIST 800-53 and DODI 8510.01). Review NIST current policy/processes and recommend corrective action as required.

The ISSO shall perform and interpret vulnerability assessments. Provide comprehensive Information Assurance Vulnerability Management (IAVM) support by documenting and reporting the Information Assurance Vulnerability Alerts (IAVA), Information Assurance Vulnerability Bulletins (IAVB) and Time Compliance Network Orders (TCNO) for RAMPOD.

The ISSO shall support the development, review, endorsement, and maintenance of all IA related security documentation for all applications (e.g. System Security Plans (SSP)), networks, and stand-alone systems, including certification and accreditation processes. Contribute to the development and testing of contingency plans for mission critical and essential unclassified computer systems to ensure unplanned disruption of service will not critically impact the mission.

Contribute to the development, review, endorsement, maintenance, and submittal of the System Security Authorization Agreement (SSAA) package for approval to operate. Help with monitoring existing and new DOD IT and Security policies to ensure currency and compliance.

Conduct risk and vulnerability assessments of planned and installed information systems; participate in system and network design to ensure information security policies are followed; conduct analysis, periodic testing, evaluation, verification, and review of information system installation at the appropriate classification level.

Prepare Incident and Violation Management documents that are reported to DOD reporting chain.

The ISSO shall monitor, coordinate, and direct the implementation of security guidelines and actions appropriate to remedy security deficiencies (i.e., viruses, intrusion attempts, access, denial, password violations, network bypass, etc.); participate in gathering, analyzing, and preserving evidence used in the prosecution of computer crimes; and when required, provide support with the investigation and report all DOD Information Security violations.

Review Assured Compliance Assessment Solution (ACAS) scans received from the 78th ABW for implementation of corrective actions as required.

Review and recommend the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.

Provide other services not specifically stated in relation to RAMPOD IA.

Developing, modifying, and maintaining IA related security documentation.

Providing Incident and Violation Management ensuring that security violations/incidents are properly reported.

Analyze, interpret, and apply FISMA, NIST and DOD Cybersecurity policies and guidance to meet compliance.

Initiate actions to improve or restore Cybersecurity posture as well as conduct security reviews of Cybersecurity controls in accordance with the approved continuous monitoring strategy.

Perform initial evaluation of each vulnerability or incident and begin corrective or protection measures and reports according to AFI 33-100.

Validate user-access privilege levels IAW written guidelines.

Ability to listen and communicate effectively with others, express ideas, and encourage discussion and openness. Effectively use written and oral communication techniques to clearly present technical information and negotiate solutions to problems. Apply diplomacy and tact in dealing with controversial and political issues.

Job Requirements:Education: Bachelor's degree in Technical field, such as Computer, Engineering or Information Systems, from an accredited university.Experience: 3-5 years’ experience in providing System Security support. Experience in Access control; awareness and training; audit and accountability; certification, accreditation, and security assessments; configuration management; contingency planning; identification and authentication; incident response; media protection; physical and environmental protection; personnel security; risk assessment; systems and service acquisition; system and communications protection; and system and information integrity.

Have DOD 8570.1-M for IA Work Force requirements at the IAM II or III certification level by holding an active certification in any one of the following: CCNA Security, CySA+, GICSP, GSEC, SSCP, Security + CE, CISM, GSLC, CCISO, CAP, CASP+ or CISSP.

Experience in conducting and/or overseeing Risk and Vulnerability Assessment for IT Systems.3 or more years’ experience working with security system functions, technical security safeguards, security policies and operational security measures to include a working knowledge of the DoD 8500.

Knowledge and experience with Federal Information Security Management Acti (FISMA), E- Government Act, Freedom of Information Act (FOIA), Privacy Act, and other Federal requirements, as well as all National Institute of Standards and Technology (NIST) publications related to Certification and Accreditation (C&A), specifically: System Security Plans, Contingency Plans, Configuration Management Plans, Privacy Impact Assessment, and other security documents.

Knowledge of Automated Information System Security policy and guidance as mandated by Congress in Public Law (PL 100-235) Computer Security Act, and Office of Management and Budget in OMB Circular A-130, Department of Commerce Federal Information Processing Publications (FIPS PUBS), and National Security Agency standards.

Technical knowledge of network and router protocols, firewalls, Bastion Hosts, Virtual Private Networks (VPNs), NIPRNET, SIPRNET, and modern computer operating systems.License, Cert or Registration: Should have one or more of the following certifications: CCNA Security, CySA+, GICSP, GSEC, SSCP, Security + CE, CISM, GSLC, CCISO, CAP, CASP+ or CISSP.

Current drivers’ license

Proof of U.S. citizenship

Must have a current SECRET clearance or an inactive SECRET clearance within the last 24 months, enabling access to various Government facilities.Special knowledge, skills & abilities:

In order to perform the above tasks, personnel must be sufficiently versed in information assurance, information technology network architecture, and possess strong analytical skills. Personnel must be capable of applying technical discipline, following specific procedures in carrying out the support functions, and assembling data to document and analyze activities. They must also be capable of researching problem situations and developing recommended solutions. Work will be reviewed periodically to insure compliance with procedures and quality standards.

Must possess an excellent understanding of technical issues, ability to communicate verbally and in written form effectively, and the ability to work within U.S. Government contractual realm. This position requires the ability to communicate effectively before groups of customers or employees of the organization. Excellent telephone skills and knowledge of troubleshooting using vendors. The employee must demonstrate strong oral and written English communication skills.

To perform this job successfully, an individual should have extensive knowledge of Information Assurance practices and conventions, IA/network analysis tool and software.

To perform the job successfully, an individual should demonstrate the following competencies: MS Office Suite, Problem Solving, Contingency of Operations, System Security, Oral/Written Communication, Attendance/Dependability, Risk Management, Attention to Detail

Vacancy expired!

Subscribe Report job