GDIT

  • Information Systems Security Officer with TS/SCI Clearance

    Job Locations USA-VA-Springfield
    Job ID
    2018-40727
    Number of Positions
    1
    Job Function
    Information Technology
    Security Clearance Level
    Top Secret/SCI
    Full/Part Time
    Full Time
  • Job Description

     

    General Summary: Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.

     

    Principal Duties and Responsibilities:

    1. Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
    2. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
    3. Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
    4. Evaluate firewall change requests and assess organizational risk.
    5. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
    6. Assists with implementation of counter-measures or mitigating controls.
    7. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
    8. Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
    9. Prepares incident reports of analysis methodology and results.
    10. Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
    11. May serve as a technical team or task leader.
    12. Maintains current knowledge of relevant technology as assigned.
    13. Participates in special projects as required.

     

    Position Summary:

      

    Provide expert technical services on all aspects of Information Security. Responsible for writing information security policy drafts; writing and reviewing Memorandum of Agreements and coordinating and managing all aspects of the Certification and Accreditation. Advise and assess system design/architecture as well as defining; designing and evaluating information security systems. Manage multi-agency information sharing and integration security. Maintain affiliations with high-level personnel at multiple agencies and organizations involved in Information Security. Tasking includes incident response; system access approval; audit log review; Configuration Control Board and daily consultations/consulting on a wide variety of security issues. Report; document and investigate all security related incidents; assist with development and implementation of corrective measures. Media transfer between systems of differing classifications in accordance with ICD 503 and local procedure.

    Candidate must have knowledge of and experience with ICD 503 and having knowledge of customer's security requirements is desirable; system accreditation and security documentation.

    Candidate must possess IAM III certification to start in accordance with DOD 8570.1M. This position is defined as in 8570.1M chapter 4; pg 35. Candidate is required to understand how our customer's and ICD 503 process work and how systems security requirements will be met.

    Candidate will work with all IT groups to build IT systems with security planned from the start. Work with developers; system engineers; project managers; and users to identify the level of protection systems will need. Understand and be able to identify what group or process will satisfy security requirement.

    Act as the representative of the Information System Security Manager ensuring compliance with IS security procedures.

    Generate and maintain System Security Plans per ICD 503.

    Support efforts to operate; maintain; and dispose of information system materials in accordance with security directives; policies and practices and as annotated in Systems Security Plans.

    Generate and implement requisite security training ensuring user security awareness of responsibilities prior to system access.

    Initiate protective and corrective measures when incident or vulnerabilities are discovered.

    Ensure IA hardware and software complies with security configuration guides.

    Ensure all IA related documentation is accurate and current.

    Implement and enforce IA policies and procedures as defined by C&A documentation.

    Ensure users are aware of their IA responsibilities.

    The ability to work on multiple projects/tasks at once and operate in a dynamic; fast-paced; team-oriented environment.

    Perform maintenance and/or advanced configuration of equipment in order to protect the network from emerging cyber threats

    Conduct forensic traffic/log analysis to isolate issues or respond to analyst alerts

    Respond to escalated troubleshooting requests

    Present Monitoring/Test Results and Reports as required

    Perform/support integration testing as required

    Participates in special projects as required.

    Ability to review Plan of Action and Milestones (POA&Ms) and conduct a technical decomposition categorization; remediation; and lien resolution

    Execute remediation process to implement technical solutions to address vulnerability findings

     

    Education

    Bachelors Degree in Computer Science or a related technical discipline; or the equivalent combination of education; professional training or work experience.

    Qualifications

    8-10 years of related experience in data security administration.

     

    Skills and Abilities:
    1. Advanced knowledge of data security administration principles, methods, and techniques.
    2. Certification in one or more specific technologies may be required, depending on job assignment.
    3. Requires familiarity with domain structures, user authentication, and digital signatures.
    4. Requires understanding of firewall theory and configuration.
    5. Requires understanding of DHS/DoD policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.

    Desired Knowledge; Experience and Skills:

    CISSP certification or equivalent (CAP; GSLC; CISM)
    System administration experience
    Network engineering experience
    System design and development experience Defines; plans; designs; and evaluates information security systems. Assesses architecture and current hardware limitations; defines and designs system specifications; input/output processes and working parameters for hardware/software compatibility. Performs a variety of complex tasks associated with information security ranging from the design of security components to complex architectures. Supervise the work of other engineers performing a variety of information security tasks.

     

    As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.  #ISDCJ  #DPOST

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed!

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started.