- Perform, or review, technical security assessments of computing environments to identify points of vulnerability, noncompliance with established IA standards and regulations, and recommend mitigation strategies.
- Validate and verify system security requirements definitions and analysis and establishes system security designs.
- Design, develop, implement and/or integrate IA and security systems and system components including those for networking, computing, and enclave environments to include those with multiple enclaves and with differing data protection/classification requirements.
- Build IA into systems deployed to operational environments.
- Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application security policy and enterprise solutions.
- Support the building of securityarchitectures.
- Enforce the design and implementation of trusted relations among external systems and architecture.
- Assess and mitigate system securitythreats/risks throughout the program life cycle.
- Contribute to the security planning, assessment, risk analysis, risk management, certification and awareness activities for system and networking operations.
- Review certification and accreditation (C&A) documentation, providing feedback on completeness and compliance of its content.
- Apply system securityengineering expertise in one or more of the following to: system security design process; engineering life cycle; information domain; cross domain solutions; commercial off-the-shelf and government off-the-shelf cryptography; identification; authentication; and authorization; system integration; risk management; intrusion detection; contingency planning; incident handling; configuration control; change management; auditing; certification and accreditation process; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control); and security testing.
- Design, develop, document, analyze, test, integrate, debug, conduct research and/or discover and analyze security flaws or vulnerabilities in software, networks, systems, applications and/or provide mitigation strategies.
- Ensure system security needs are established and maintained for various objects/matters.
- Integrate new architectural features into existing infrastructures, design cybersecurity architectural artifacts, provide architectural analysis of cybersecurity features and relate existing system to future needs and trends.
- Evaluate computer software and network for threats and/or malware; collect data from a variety of networksecurity tools, including intrusion detection system alerts, firewall and network traffic logs, and host system logs to analyze events that occur within their environment.
- Employ and provide computer advanced forensic tools, technique, and intrusion support for attack reconstruction and high technologyinvestigations, while reviewing threat data from various sources.
- This position may also identify network computer intrusion evidence and perpetrators.
- B.S./B.A. in Engineering, Computer Science, System Engineering, Physics, Mathematics or a related discipline from an accredited institution and 2+ years of related experience. A valid HS diploma or GED and 8years of additional experience may be substituted for a college degree.
- Ability to understand and apply more advanced concepts and processes to daily activities.
- Willingness to assist more senior level technicians, specialists, and managers in their activities.
- Ability to perform all tasks of lower level technicians or specialist.
- Individual Work/Teamwork - Works individually and also actively participates on integrated teams.
- Ability to successfully work with minimal guidance and direction from more senior level technicians, specialists, and managers.
- Willingness to provide guidance to lower level technicians and specialists.
- Ability to frequently use and apply technical standards, principles, theories, concepts and techniques. Ability to provide solutions to a variety of technical problems of moderate scope and complexity.
- Ability to Work under general supervision. Follows established procedures.
- Willingness to have work reviewed for soundness of technical judgment and adequacy.