Information Assurance Engineer
This role is in support of the U.S. Army Reserve (USAR) on DISA GSM-O out of Ft. Bragg, NC on the Information Assurance Program Support Task Order. This task order’s objective is to provide IA program support to the USAR G-6, Information Assurance Program Management Division.
The candidate will be a member of the day-to-day IA USAR operations support team.
Selected candidate will be responsible for:
- Maintaining and verifying compliance of USAR systems
- Recommending best business practices and secure methodologies to maintain and/or improve the security posture of USAR Information Systems and the network, and to remedy deficiencies.
- Maintaining awareness of vulnerabilities and the newest patches, and verifying that the USAR has applied appropriate patches, STIGs, and control mechanisms as per directives.
- Assisting in the development and tracking of POA&Ms and working with USAR sites for timely closure.
- Applying IA expertise to provide recommendations to address gaps in compliance, verifying that findings of Site Assistance Visits (SAV)/site inspections have been resolved, and working with the sites to bring their sites and systems into compliance.
- Generating compliance assessment reports for the USAR based on compliance data and scanning results gathered from existing tools.
- Providing expertise to USAR to resolve computer security incidents and vulnerability compliance, assessing vulnerabilities due to evolving technologies, and security engineering services with recommendations throughout project lifecycles.
- The successful candidate is expected to have an in-depth understanding of networking architectures and security elements, to include 3 or more of the following: network- and host-based intrusion detection systems, antivirus, SIEM and event correlation, incident response, file integrity monitoring, full packet capture, forensics, and encryption.
- In-depth experience with vulnerability analysis assessments; experience in verification methods for determining that appropriate patches, STIGs, and control mechanisms have been applied and are compliant.
- Knowledgeable of Risk Management Framework tools and procedures.
- Familiarity with one or more of the following standards: DoD 8500.1, DoD 8500.2, DIACAP.
- Experience with cyber certifications, tools and procedures.
- Experience with cyber tool mapping and contributing to cyber tool planning.
- Experience in systems engineering, system security design and requirements analysis.
- The candidate must have advanced communication and presentation skills (verbal and written).
- Must have strong interpersonal, organizational and critical thinking/problem solving skills.
- Possess and demonstrate a level of understanding of Risk Management Framework (RMF) and DOD Information Assurance Certification & Accreditation Process (DIACAP).
- Must have experience working in a team environment and possess the ability to plan and execute tasks efficiently and gather and disseminate information working with peers, subordinates and management.
- Experience with software installation/distribution and configuration management.
- Application of technical understanding of network computer security, including processing of data from Unclassified to SECRET, server hardware and software, databases, file systems, and integration of cryptographic components, is needed for this position.
- Applicants must be able to demonstrate expertise in integration of security requirements applied to computer networks connected to US Government and foreign government networks.
- Applicants must have the ability to support the government in analyzing results of CCRIs in support of Information Assurance / Computer Network Defense / Cyber Defense accreditation for USAR unclassified and classified information systems and networks.
- Experience with developing and flowing requirements, security design definition, integration and testing. Experience with Information Assurance Vulnerability Management (IAVM) tools and procedures and other cyber protection tools.
- Experience with verifying compliance through analysis of CCRI, SAV, ACAS results, POA&M tracking, and analysis of mitigation efforts.
- Experience performing vulnerability analysis assessments.
- Expected to work independently under general direction with subordinates, staff and supervisors to define and translate IAVM compliance reports.
- 8570 Security+ IAT Level 2
EDUCATION: Bachelor's degree from an accredited college in a related discipline, or equivalent experience/combined education, with 8 years of professional experience; or 6 years of professional experience with a related Master's degree. 4 years of related experience may be considered in lieu of degree.
DESIRED SKILLS:
- Previous experience working in a customer environment
- One or more of the following certifications: CISSP, CAP, CISM, CISA, CASP
- Experience with development or review of POA&Ms
- Experience with scanning tools such as ACAS and current DIACAP or RMF repository tools such as the Enterprise Mission Assurance Support Service (eMASS).
- Knowledgeable of DoD and Army Ports, Protocols, and Services Management (PPSM)
- Knowledgeable of POA&M tracking
- Experience with NIST RMF processes and artifact development
- Experience developing and interpreting design requirements and implementation roadmaps, metrics and other controls to monitor and report on program progress and health.
- Degree in Cyber, Information Assurance, Computer Science, Software Engineering, Systems Engineering, or Electrical Engineering.
- Ability to work task assignments independently and effectively in a team environment
- Ability to decompose requirements to assure accurate and efficient flow to meet and help drive business guidelines and program contractual needs.
- Additional certifications for DoD Information Assurance Technical (IAT) Level II; certification for DoD Information Assurance Manager (IAM) Level III, with one of the following certifications:
-- GIAC Security Leadership Certification (GSLC)
-- Certified Information Security Manager (CISM)
-- Certified Information Systems Security Professional (CISSP) or Associate
External Referral Eligible
Leidos is a global science and technology solutions leader working to solve the world’s toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company’s 33,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Virginia, Leidos reported pro forma annual revenues of approximately $10 billion for the fiscal year ended January 1, 2016 after giving effect to the recently completed combination of Leidos with Lockheed Martin's Information Systems & Global Solutions business (IS&GS). For more information, visit www.Leidos.com. The company’s diverse employees support vital missions for government and commercial customers. Qualified women, minorities, individuals with disabilities and protected veterans are encouraged to apply. Leidos will consider qualified applicants with criminal histories for employment in accordance with relevant laws. Leidos is an Equal Opportunity Employer.