Company DescriptionAbacus Technology Corporation is a Federal government contractor and provider of enterprise information technology (IT) services and solutions. For 40 years, we've developed effective partnerships with government and industry to tackle business challenges and pressures for Federal Defense, Civilian, and Intelligence customers. Abacus maintains core competencies in: IT Infrastructure Support, Network Operations and Maintenance, Communication Solutions, Systems Engineering and Integration, Cyber Security / Information Assurance, Application Development, Program Management, and Business Transformation.
Job Description- Assist in building, coordinating, maintaining, changing, and updating, the RMF A&A packages for the five enclaves administered by AFOSI.
- Implement security controls and assist AFOSI customers with the implementation of controls.
- Continuously monitor control compliance and remediate or POA&M systems as required.
- Collaborate with enterprise operations and development teams to ensure the infrastructure and application are configured within DoD requirements.
- Develop and maintain System Security Documents in accordance with the RMF Process to include policies, plans and procedures.
- Ensure that all application deliverables and systems comply with applicable DISA STIGs or Security Requirements Guidance.
- Assist in maintaining and updating HQ's AFOSI Governance, Risk and Compliance (GRC) application for assessing/managing risk, and authorizations for all AFOSI data networks.
- Implement security controls and assist AFOSI customers with the implementation of controls. Continuously monitor control compliance and take immediate actions to bring systems into compliance.
- Audit security log information using Splunk Enterprise, track firewall rule activity to create security baselines, and create alerts and reports.
- Utilize the ACAS vulnerability scanning suite to identify configuration problems and missing patches.
- Track and analyze Plan of Action & Milestones (POA&Ms) reports to conduct risks assessments.
- Assist in the review of current Cyber Operational Readiness Assessment (CORA) requirements and ensure systems and their operations are compliant.
Qualifications5 years experience in cyber security and information assurance with at least 3 years of experience in systems administration for server and infrastructure support. Bachelor's degree in a related field desired. Must be certified at IAT Level III (e.g., CASP+ CE/SecurityX, CISA, CCNP Security, CISSP, or equivalent certification satisfying DoD 8570/8140 certification requirements). Experience with RMF, STIGs, GRC, PPSM, event log audit. Working knowledge of firewall functionality. Knowledge of analyzing the result of a security risk assessment. Experience with the RMF steps to include categorization, security control selection, implementation plan development, assessment, and continuous monitoring. Knowledge of the Information Assurance Vulnerability Management (IAVM) process and Common Vulnerabilities and Exposures (CVE) framework. Experience with PowerShell scripting to automate repetitive tasks and gather security information. Experience creating, reviewing, and revising security documentation and artifacts. Experience with Vulnerability Management tools, such as ACAS, including the ability to read and analyze automated vulnerability reports. Experience with Fortify Static Code analyzer, or another code scanner, desired. Experience with security information and event management (SIEM) software, such as Splunk or ArcSight. Must possess analytical skills to troubleshoot cybersecurity issues and the ability to conceptualize server infrastructures and configurations. Experience with Asset Management software, such as Lansweeper or SolarWinds desired. Experience configuring and troubleshooting firewalls, and using protocol analyzers desired. Experience participating in cyber security inspections and in Computer Network Defense (CND) actions such as incident response desired. Experience with DoD IT environment and networks. Must have strong communication skills and be able to work comfortably with all levels of an organization. Must be a US citizen and hold a current Top Secret clearance with SCI access (TS/SCI).
Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.Additional InformationAll your information will be kept confidential according to EEO guidelines.
