Information System Security Specialist
OverviewBy Light Professional IT Services is seeking a Information System Security Specialist to join our Joint Regional Security Stacks (JRSS) program team in Hanover, MD.
This is an exciting key position to a major Department of Defense initiative.
The candidate will will guide and advise on all matters involving the Risk Management Framework (RMF), Assessment and Authorizations (A) and day-to-day security of JRSS.
Analyst will work closely with government and IA Team to support Authorization to Operate accreditation conditions and requirements.
ResponsibilitiesConduct network security reviews that include validation of DISA's Security Technical Implementation Guide (STIG), network security policy, requirements and design.
Managing and documenting A projects using Enterprise Mission Assurance Support Service (eMASS) A workflow platform.
Advise, conduct and document risk assessments, development of System Security Plans (SSP), Plans of Action and Milestones (POA) and security policies and proceduresProvide guidance in the implementation of security controls, doctrine and policies.
Implement information assurance (IA) and security standards and procedures to identify, report and resolve security violations.
Establish and satisfy IA and security requirements based upon user, policy, regulatory, and resource demands.
Integrate and implement computer system security solutions.
Analyze general IA related technical problems and support in solving these problems.
Monitor the JRSS Stack for IAVA compliance and assess impact on DOD computer networks.
Manage Assured Compliance Assessment Solution (ACAS) to enable automated network vulnerability scanning, configuration assessment, application vulnerability scanning, device configuration assessment, and network discoveryManage McAfee ePolicy Orchestrator (HBSS) to prevent, detect, track, report, and remediate malicious computer-related activities and incidents Required Experience/QualificationsBS degree in Computer Science, or other comparable technical degree from an accredited college/university and 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience.
Must possess excellent writing and communication skills; have the ability to develop documentation and management level presentations.
Candidate is expected to have technical knowledge and skills in one of the following areas:
System Administration, network engineering, applications, and security operations.
Demonstrate potential and willingness to learn and adapt to rapid changes in technology.
Preferred Experience/QualificationsSecurity+, CISSP certificates or other security certificates that meet DOD 8570 IAT Level II.
Experience in performing risk assessment, IT audits, security planning, systems accreditation and policy development.
Experience complying with DoD regulations and preparing for responding to information security audits and questionnaires.
Understanding of related information technology (eg firewalls, VPN, virtualization, DLP, etc) and physical security assets.
Understanding of basic networking, routing and transport security technologies and architecturesKnowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
Experience with UNIX/LINUX OS and any scripting language.
Experience working with IDS/IPS and processes.
Special Requirements/Security ClearanceSecret clearance required.
Estimated Salary: $20 to $28 per hour based on qualifications.
This is an exciting key position to a major Department of Defense initiative.
The candidate will will guide and advise on all matters involving the Risk Management Framework (RMF), Assessment and Authorizations (A) and day-to-day security of JRSS.
Analyst will work closely with government and IA Team to support Authorization to Operate accreditation conditions and requirements.
ResponsibilitiesConduct network security reviews that include validation of DISA's Security Technical Implementation Guide (STIG), network security policy, requirements and design.
Managing and documenting A projects using Enterprise Mission Assurance Support Service (eMASS) A workflow platform.
Advise, conduct and document risk assessments, development of System Security Plans (SSP), Plans of Action and Milestones (POA) and security policies and proceduresProvide guidance in the implementation of security controls, doctrine and policies.
Implement information assurance (IA) and security standards and procedures to identify, report and resolve security violations.
Establish and satisfy IA and security requirements based upon user, policy, regulatory, and resource demands.
Integrate and implement computer system security solutions.
Analyze general IA related technical problems and support in solving these problems.
Monitor the JRSS Stack for IAVA compliance and assess impact on DOD computer networks.
Manage Assured Compliance Assessment Solution (ACAS) to enable automated network vulnerability scanning, configuration assessment, application vulnerability scanning, device configuration assessment, and network discoveryManage McAfee ePolicy Orchestrator (HBSS) to prevent, detect, track, report, and remediate malicious computer-related activities and incidents Required Experience/QualificationsBS degree in Computer Science, or other comparable technical degree from an accredited college/university and 4 - 8 years of prior relevant experience or Masters with 2 - 6 years of prior relevant experience.
Must possess excellent writing and communication skills; have the ability to develop documentation and management level presentations.
Candidate is expected to have technical knowledge and skills in one of the following areas:
System Administration, network engineering, applications, and security operations.
Demonstrate potential and willingness to learn and adapt to rapid changes in technology.
Preferred Experience/QualificationsSecurity+, CISSP certificates or other security certificates that meet DOD 8570 IAT Level II.
Experience in performing risk assessment, IT audits, security planning, systems accreditation and policy development.
Experience complying with DoD regulations and preparing for responding to information security audits and questionnaires.
Understanding of related information technology (eg firewalls, VPN, virtualization, DLP, etc) and physical security assets.
Understanding of basic networking, routing and transport security technologies and architecturesKnowledge of domain structures, user authentication, data encryption, access audits and end-user security best practices.
Experience with UNIX/LINUX OS and any scripting language.
Experience working with IDS/IPS and processes.
Special Requirements/Security ClearanceSecret clearance required.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
