Title: Information Assurance Security Engineer (e-MASS)
Location: San Antonio, Texas
Basic Qualifications & Education:
- Technical proficiency and experience in systems administration, network administration, or IT engineering; requires breadth of knowledge of IT technologies. Requires a minimum of 3 years’ experience in IT.
- Expert-level knowledge of IT security protocols, tools, and systems. Requires at least 3 years’ hands-on administering systems security, network security, firewalls, intrusion detection and prevention systems, vulnerability and risk assessments, HBSS, incident response systems, anti-virus products,and/or other security software and tools.
- Expert level e-MASS expertise, at least 2 years dedicated hands-on experience but preference for SME-level proficiency.
- Strong hands-on experience with patch management and compliance.; at least one year dedicated hands-on experience but preference for SME-level proficiency.
- DOD 8570.01 IAT Level ll Certification (Security+CE, GSEC, SSCP, or CCNA-Security) required.
- Public Trust or higher government-issued security clearance.
- Proficiency with IT Security requirements, standards, and best practices. Knowledge and direct experience with DOD Security protocols, technologies, tools, and risk management activities, to include DISA and DoD Regulations, Certification and Accreditation (A&A) activities, Risk Management Framework (RMF) or DIACAP, and knowledge of Communications Tasking Orders (CTO) and Warning Orders (WARNORDS) issued by JTF-GNO and DISA.
- Ability to work independently and be self-directed, working as a stand-alone resource reporting to a remote team.
- Bachelor’s degree in related field or 4 years of full-time information technology experience in lieu of a degree.
- Strong written and verbal communication skills; ability to document processes and write comprehensive security recommendations.
- Professional attitude, able to communicate and interact with individuals at all levels across various information technology and business sectors.
- Strong organizational, project management, and customer service skills. Ability to act in the best interest of the client both within a team and self-directed.
- Excellent interpersonal, interviewing, analytical and problem-solving skills to address variable situations.
Principal Duties & Responsibilities:
- Perform IASE duties in a self-directed environment as.member of a greater information assurance team.
- Provide communication and feedback on enclave security posture based on client defined needs and requests.
- Conduct scanning and vulnerability management in coordination with compliance operations team.
- Review new systems and software and modifications to existing configurations for security impact, performing risk analysis and documenting results.
- Provide information on security controls and policy to client and other operational teams and assist in the implementation of patching and technical mitigations.
- Ensure compliance with Communications Tasking Orders (CTO) and Warning Orders (WARNORDS) issued by JTF-GNO and DISA.
- Assist with Certification and Accreditation activities (including documentation, scanning, mitigation activities, and identification of false positives).
- Assist in identifying, reporting, investigating, and responding to security breaches and network incidents.
- Assist in creation and management of Plan of Action and Milestone (POAMs) documentation.
- Review and enforce security policy, guidance, and directives.
- Provide reporting metrics to Management to assist with policy and direction.
- Perform self-assessment activities using current assessment technologies, e.g. PGD, Retina, AppDetective, WebInspect.
- Monitor and report as well as advise and design systems to enhance or to increase the Security level of the environment and support the mission.