Information Assurance Security Engineer
Provide expert technical services on all aspects of Information Security. Responsible for writing information security policy drafts; writing and reviewing Memorandum of Agreements and coordinating and managing all aspects of the Certification and Accreditation. Advise and assess system design/architecture as well as defining; designing and evaluating information security systems. Manage multi-agency information sharing and integration security. Maintain affiliations with high-level personnel at multiple agencies and organizations involved in Information Security. Tasking includes incident response; system access approval; audit log review; Configuration Control Board and daily consultations/consulting on a wide variety of security issues. Report; document and investigate all security related incidents; assist with development and implementation of corrective measures.
• Act as the representative of the Information System Security Manager ensuring compliance with IS security procedures.
• Support efforts to operate, maintain, and dispose of information system materials in accordance with security directives, policies and practices and as annotated in Systems Security Plans.
• Generate and implementation of requisite security training ensuring user security awareness of responsibilities prior to system access.
• Initiate protective and corrective measures when incident or vulnerabilities are discovered.
• Ensure IA hardware and software complies with security configuration guides.
• Implement and enforce IA policies and procedures as defined by A&A documentation.
• Ensure users are aware of their IA responsibilities.
• The ability to work on multiple projects/tasks at once and operate in a dynamic, fast-paced, team-oriented environment.
• Perform Operations & Sustainment (O&S) functions for the NCE network security infrastructure (firewalls, web gateways, mail gateways, ids, load balancers, performance monitoring tools, mgt systems, etc)
• Perform maintenance and/or advanced configuration of equipment in order to protect the network from emerging cyber threats
• Conduct forensic traffic/log analysis to isolate issues or respond to analyst alerts
• Maintain and administer network infrastructure standards, documentation and fault tolerance
• Execute remediation process to implement technical solutions to address vulnerability findings via ACAS security scan.
• Candidate must have knowledge of and experience with ICD 503 and be familiar with Cloud Infrastructure/AWS-based solutions.
• Candidate must possess IAM II certification to start in accordance with DOD 8570.1M.
• Candidate is required to understand how our customer's RMF process work and how systems security requirements will be met.
• Experience installing, hardening, deploying, documenting, and troubleshooting network perimeter security technologies.
• Experience and scripting ability on Unix and/or RHEL OS
• Experienced with complex Microsoft macros, and PowerShell scripts
• Basic understanding of Windows Enterprise AD architecture and VMWare Virtualization
• Must be proficient in network routing/vlan technology
• Experience with Cloud Infrastructure/AWS-based technology
• Experience using security tools such as ACAS, HBSS, Carbon Black, Tanium, RedSeal, and EMET
• Ability to review Plan of Action and Milestones (POA&Ms) and conduct a technical decomposition categorization, remediation, and lien resolution
CISSP certification or equivalent (CAP; GSLC; CISM)
System administration experience
Network engineering experience
System design and development experienceDefines, plans, designs, and evaluates information security systems. Assesses architecture and current hardware limitations, defines and designs system specifications, input/output processes and working parameters for hardware/software compatibility. Performs a variety of complex tasks associated with information security ranging from the design of security components to complex architectures. Supervise the work of other engineers performing a variety of information security tasks.
Years of Experience Required:
Years of Experience Desired: