Cybersecurity Analyst II

AECOM   •  

Virginia Beach, VA

5 - 7 years

Posted 183 days ago

Job Summary

Monitor information system activity, collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected.

Collect and review audit data of network activity to support technical analysis relating to misuse, penetration reconstruction, or othersecurityinvestigations. Investigate and report actual or suspected information systems security incidents, events, or violations and report to the Cybersecurity Manager.

Performs analyses to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls.

Conduct networksecurity vulnerability assessments using DoD provided scanning tools and liaison with network administrators to correct identified problems.

Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the range networks. Ensure that all systems are patched and report compliance or problems in achieving compliance to the Cybersecurity Manager.

Evaluate information systems for compliance with Defense Information Security Agency (DISA) Security Technical Implementation Guideline (STIG) and review measures needed to bring systems into compliance.

Conduct vulnerability scanning for new information system deployment or systems temporary connected to CTTR enclaves to support training events or testing. Ensure new information systems are configured in accordance with current DISA STIG’s and DoD/DoN Directives.

Verify all Virus Signatures are kept up to date, and Automated and Manual Virus Scans are documented, scheduled and are being completed. React to and report actual or suspected events to the Cybersecurity Manager.

Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA Controls, DoD FISMA directives, policies and regulations.

Assist the Cybersecurity Manager with development of the IA related Procedures, and Work Instructions.

Attend IA security training as required to maintain and gain knowledge and skills of current IA issues.

Support Computer System Analyst to determine limitations of existing systems and perform duties as alternate System Administrator.

Position requires ability and commitment to provide coverage outside normal working hours or shifts in daily hours, as warranted, not to interfere with Range Operations.

Documents maintenance actions in IEMS.

Work Environment, Physical Demands, and Mental Demands:

Perform duties at a variety of contract related facilities or locations including offices, mission control rooms, labs, and remote field sites. Duties involve no unusual hazards, occasional lifting to 20 pounds, constant sitting and use of a computer terminal, constant use of sight abilities while writing, reviewing, and editing documents, constant use of speech/hearing abilities for communication, and constant mental alertness.

IND-MRG

Minimum Requirements

Requires Bachelors Degree in an Information Technology related discipline (engineering, computer science, information systems, etc) and 2 years of IT/CS experience or at least 6 years of experience in lieu of degree in a combination of IA Training, IT Certification and progressive work experience in the areas of

Information System Security

System/Network Administration

IT System Implementation and Maintenance

Minimum Experience Requirements

Hands on experience in the following areas:

Maintaining NetworkAuditing systems to detect, track, and report malicious computer-related activities and incidents.

Installation, maintenance and administration of information systems to include Windows and Linux desktops and servers.

180943BR