Vacancy expired!
Description
Job Description:Are you interested in being part of a world class team that is supporting one of the world's largest integrated transportation, logistics and supply chain systems? Interested in a position that will encourage and promote future growth opportunity? If this excites you, Leidos has just the role for you!Leidos has been asked to provide key talent in support of an Information Assurance Engineer on the IGC III program. As IA Engineer, you'll be working with IGC which is USTRANSCOM's System of Record for In-Transit Visibility (ITV) and Asset Visibility (AV). Customers that you will be supporting and sustaining include the Combatant Commands, Services, DOD, and other federal agencies.Location: Work will be primarily performed remote, with on-site support at Scott AFB, IL as required.What will you do as Information Assurance Engineer?- Maintain compliance of the IGC program utilizing Risk Management Framework (RMF) in accordance with National Institute of Standards and Technology Special Publication 800-37 (NIST SP 800-37)- Access the Information Assurance Support Environment (IASE) Security Technical Implementation Guide) STIG repository to download, benchmarks, STIGs and tools- Utilize the STIG Viewer to create checklists, analyze vulnerabilities, determine findings and prepare remediation and mitigation strategies for RMF Continuous Monitoring requirements- Review weekly USCYBERCOM Information Assurance Vulnerability Alerts and Bulletins (IAVAs and IAVBs) for applicable vulnerabilities- Submit weekly Information Assurance Vulnerability Management (IAVM) reports and prepare IAVM and non-IAVM patch packages for manual patch application by system administrators- Analyze Assured Compliance Assessment Solution (ACAS) scans using the Enterprise Security Posture System (ESPS) and report IAVM and non-IAVM vulnerabilities to system administrators to ensure systems are patched prior to remediation due dates- Maintain quarterly RMF STIG Plan of Action and Mitigation (POA&M) and weekly IAVA POA&M- Install Microfocus Fortify Scan Engine/Rulepack updates to Clearcase. - Scan/Analyze IGC code utilizing Microfocus Fortify and collaborate with customer/developers to mitigate/remediate security findings- Prepare and deliver IGC releases for Government security approval- Prepare and update RMF documentation as part of Continuous Monitoring- Develop metrics for measuring and improving the effectiveness of the IGC security plan- Manage secure systems and security containers in a classified environment- Communicate directly with military, other contractors, and U.S. Government personnel; therefore, requires excellent oral and written communication skills- Prepare and lead weekly Information Assurance meeting- Collaborate with developers and engineers to advise on secure system configurations- Provide Vulnerability Assessments with recommended mitigation/remediation steps - Additional duties may include supporting Technical Writing, Systems Analyst/Administration, Tier2 Help Desk, Test Engineering, Development- Tailor Leidos Engineering procedures to meet program requirements and standards. - Support proposal efforts and other tasks, as required.The minimum qualifications required to be considered for this role are as follows: Must hold an active DoD Secret Clearance B.S. in Cyber Security, Computer Science, Information Technology, or related field and 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience or 12+ years' of experience in lieu of degree Must hold current DoD-8570 IASE Level 2 baseline certification (CISSP, CISSP-Associate, CSSLP, or CASP+ CE) Experience with Risk Management Framework (RMF) Demonstrated hands-on experience with vulnerability scanning solutions Demonstrated hands-on experience with the DOD Information Assurance Vulnerability Management program Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, defense-in-depth and common security elements Experience with any of the following: Anti-Virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security Knowledge of Department of Defense (DoD) 8500 series instructions, Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS) guidelines and (NIST) 800 series to ensure compliance of deployed and local infrastructure assetsThe preferred qualifications that would make you stand our (but are not required) include:Knowledgeable and/or Experience with the following: Experience with Security Tools Understanding of Sharepoint Understanding of VMware technology Understanding of Systems and Test Engineering Processes Experience with malware analysis concepts and methods Understanding of Department of Defense Military standardsN2NOMSPay Range:Vacancy expired!