The ITCC Cyber security /Information Assurance/Security Specialist Master, is a recognized authority on relevant IT Security subject matter knowledge, including security technologies, theories, or techniques (such as security frameworks and methodologies). Contributes to the development of innovative principles and ideas.. Routinely exercises independent judgment in developing methods, techniques and criteria for achieving objectives. Responsible for providing information assurance (IA), computer network defense, and technical review support to government and ITCC operations; including, but not limited to, reviewing requirements for security related capabilities, working computer network defense (CND) and IA background and skills, analysis, correlation, and prioritization of vulnerabilities discovered in scans and vendor bulletins, monitoring of intrusion detection system and other CND tools, and providing vulnerability tracking and status reporting on vendor provide or DoD mandated patches. Working knowledge of installation, maintenance, and upgrading of OSs and applications for the server and client environment. Assists in the development and implementation of policies and procedures relating to information assurance and network security. Proactively monitors vendor and DoD IA notices and reports results. Assists in devising targeted metrics to assess performance. Understands, adheres to, and implements overall security and configuration policies. Provides advice on monthly vulnerability releases. Updates projects on an on-going basis to reflect current status of IA activities and tasks. Supports documentation, databases and reporting relating to IA assigned responsibilities in ITCC. Develop and deliver presentations at senior levels for large, complex projects.
- Monitors securityaudit and intrusion detection system logs for system and network anomalies. Investigates and/or escalates security violations, attempts to gain unauthorized access, virus infections that may affect the network or otherevent affecting security. Documents and reports event(s).
- Assists in providing engineering analysis, design and support for firewalls, routers, networks and operating systems.
- Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.
- Assists in the review and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.
- Assists in providing oversight and enforcement of security directives, orders, standards, plans and procedures at server sites.
- Establish and maintain a professional working relationship at multiple levels both internally and with the customer by understanding the customer’s business context and their unique situation
- Collaborate with both internal and external/industry experts to anticipate customer needs in order to facilitate the definition and development of the solution
- Collaborate with the account team to meet or exceed revenue, product, customer satisfaction and market share goals for assigned account(s)
- Determines enterprise Cybersecurity and security standards.
- Develops and implements Cybersecurity/security standards and procedures,
- Coordinates, develops, and evaluates security programs for an organization, recommends Cybersecurity/security solutions to support customers' requirements.
- Identifies, reports, and resolves security violations.
- Establishes and satisfies Cybersecurity and security requirements based upon the analysis of user, policy, regulatory, and resource demands.
- Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.
- Analyzes general Cybersecurity-related technical problems and provides basic engineering and technical support in solving these problems.
- Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.
- Adheres to USSTRATCOM and Department of Defense CybersecuritySecurity Technical Implementation Guide (STIG) policies and conducting initial and recurring Security Authorization Packages.
- Responsible for preparing, coordinating, managing, and tracking Interim Authority to Test (IATT), Authority to Operate (ATO), and Plan of Action and Milestone (POA&M) requests and approval credentials issued by the Authorizing Official (AO), as well as System Authorization Package and Change Requests for initial and recurring authorizations.
- Bachelor's degree in Computer Information Systems, Computer Science, Information Technology, Information Science, Information Systems, or a related discipline, with a minimum 12 or more years relevant industry experience
- Experience working with federal regulations related to information security (FISMA, Computer security Act, etc.)
- Experience working with NIST Special Publications or related publications and the C & A process methodology
- Ability to interact with employees at all levels
- Possess Security+ certifications or equivalent
- ITIL v3 Foundation certification
** The candidate hired for this position must be a US Citizen with an active top secret security clearance with eligibility for SCI – or – must be capable of maintaining/ obtaining a TS/SCI clearance. If the candidate does not have a top secret clearance, a minimum of a Secret security clearance is required to start work on-site for this contract. **
- In-depth understanding of IT securityarchitectures and third party integrations
- Common understanding of the viewpoints and models required for the delivery of DoDAF Architecture Framework artifacts
- Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
- Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
- Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
- Excellent verbal and written communication skills, influencing skills and ability to work effectively with a team
- Critical thinking skills, both qualitatively and quantitatively, ability to prepare a well-grounded, defensible argument
- Demonstrated technical leadership skills
- Ability to work in a complex ever changing environment with short turn around tasking internally and with the client