Security Clearance: DOD Interim Secret as a minimum
Experience: A total of at least 4 years of experience in CyberSecurity (aka, Information Assurance)
DoD 8570.1M IAM level 2 is required (i.e., CISSP).
As part of the CyberSecurity Branch - Internal Controls Team, Resource shall provide information systems security engineering assistance consisting of the following tasks:
Resource will act as the IASO for hosted systems, assuming the responsibilities as outlined in AR 25-2.
Resource will assist hosted customers in obtaining and maintaining RMF for DOD IT, DIACAP, and other certifications as required.
Resource will update and/or assist the hosted system's personnel in updating artifacts of the accreditation package and store the artifacts in organizationally defined repository; i.e., system diagram (logical and physical) Hardware/Software/Firmware Inventory, Interface & Ports, Protocols and Services listing, etc.
Resource will assist in the preparation of network infrastructure specifications or designs incorporating required information security features.
Resource will review and evaluate Information Systems Design Plans, Continuity of Operation Plans, Communication Plans, engineering change proposals and configuration changes for compliance with relevant security regulations, policies, and best industry practice.
Resource will assist in the preparation of required documentation and coordination with Authorizing Official/Designated Approval Authority to obtain hosted system security accreditation to include certification procedures and criteria, certification evaluation reports and reports of findings.
Resource will provide security engineering design and analysis services for ALTESS and hosted customers.
Resource will act as the ALTESS CyberSecurity liaison for ALTESS hosted systems.
Resource will coordinate with the ALTESS ISSM and confirm status for migration to an ALTESS hosted enclave in order to ensure continuity for CyberSecurity requirements based on changing program guidance.
Resource will perform vulnerability scanning of computer systems using DoD and Army authorized security scanning software.
Resource will use results of vulnerability scans to determine vulnerabilities and develop operational plans to remediate or mitigate vulnerabilities as they are discovered.
Resource will manage IA workforce training and certification program, as outlined in DoDi 8570.01M using the Army Training and Certification Tracking System.
Resource will perform risk assessment reviews and document change requests; and determine approval or denial of requests.
DoD 8570.01M IAM level II certification is required. Resource must possess Baseline certification as defined in DoD Instruction 8570.01M
A total of at least 4 years of experience in CyberSecurity (aka, Information Assurance) performing the above specified tasks
Experience with Splunk Vulnerability Management