Information Assurance Analyst (Tier III)

Converged Security Solutions
Washington, DC
Aug 06, 2022
Aug 15, 2022
Analyst, IT, QA Engineer
Full Time
Overview: Evolver is a technology company serving the Federal, Commercial, and Legal markets that addresses client challenges in the present and transitions clients into the future by introducing efficient and effective IT solutions. Established in 2000, Evolver has successfully grown to be a trusted technology leader. Evolver's efforts and growth have been recognized by leading publications and organizations, including Inc. 5000 for five consecutive years, and most recently "Future 50" from SmartCEO. With a dedicated focus on client satisfaction, Evolver has proven its value time and time again, from managing day-to-day operations to skillfully navigating the implementation and support of new technologies. Evolver's core competencies are infrastructure, application development, cybersecurity, cloud, end-user support, data analytics and legal services. We believe our employees are key to our success and continued growth. We attract and retain our diverse workforce by promoting a work-life balance with generous and flexible time off, competitive compensation and benefits, and a commitment to professional development. When you join Evolver, you join a community of talented and dedicated individuals whose abilities, skills, and actions contribute to the success of the company. Essential Job Duties and Responsibilities: Evolver is seeking an Information Assurance Analyst (Tier III) to work in Washington, DC. Currently 100% telework, but return to work may be required in the future. Information Assurance Analyst (Tier III) will be responsible for actively remediating security threats and risks involving client infrastructure. This includes timely review of alerts generated by security devices, assessment of the situation, and possible escalation to the senior staff. In this role, you will provide enterprise-wide remediation of desktop, server, endpoints, and other infrastructure services to our government client in a 24x7 operations environment. You may be requested on a limited basis to work off-hours to include: evenings, nights, holidays, and weekends, however, you will generally work a standard eight (8) hour day within a 7:00am-5:00pm coverage period on a Monday through Friday schedule. In this role, you will provide the following support: Managing Security System Administration;Install, configure, upgrade, and maintain software and appliances per AOC Policies, Directives, and applicable Standards;Install and manage related security system upgrades and patches;Troubleshoot system problems associated with patching and remediation.Security Policy Adherence;Ensure that new equipment/servers being installed on the network meet AOC Policies, Directives, and applicable Standards.Vulnerability Remediation;Upon notification from the CISO or other members of the Information Technology Security Team, Analyst will take the necessary actions approved by the CISO to improve the overall security stance of systems identified as vulnerable during vulnerability assessments and scans.Virus and Intrusion;;Analyst will identify, analyze, and mitigate potential exposure due to attacks, viruses, and other forms of malware.Security Maintenance;The contractor shall manage and maintain the hardware, firmware, and related software identified and defined as Government Furnished Property, by providing the following support:Perform the necessary hardware and software upgrades, updates, patch deployments and bug fixes as soon as they become available and following the established AOC IT Governance Process.;Perform emergency and non-emergency service outages and configuration changes to include updates must have coordination and mutual agreement with AOC;Provide installation schedules and reports detailing the progress of activities such as the implementation of equipment, and access as applicable. This allows AOC to track the provisioning process through completion at any time. Near real-time access to the installation schedule is acceptable. Software Update Release Notification;The contractor shall provide notification of software updates that are released during the duration of the contract.System Patch Installations;The contractor shall install all system patches promptly, as required by Bureau personnel to avoid vulnerabilities;Provide the management, monitoring, and maintenance of vulnerability scanning of network devices, servers and workstations. Manage and Maintain virus and spyware protection on inbound and outbound email, servers, and workstations through a variety of GFP tools;Manage and maintain current process to routinely scan all devices, servers, workstations that use the AOC Network utilizing current AOC tools. The contractor shall integrate the scanning results for remediation;Vulnerability Remediation Status Report;SOC Infrastructure Patch Administration Report.Manage and maintain vulnerability assessment process to ensure that AOC IT infrastructure vulnerabilities are identified and are eliminated in a timely manner utilizing GFP;Assess with appropriate AOC management to ensure the remediation of weaknesses, the elimination of threats, and the reduction of risk to the AOC Network. Minimum Qualifications and Requirements: Qualifications:Bachelors Degree in related field plus three (3) years or equivalent experienceMinimum of 3 years of progressively responsible experience in Cyber Security or InfoSec or System/Operational Engineering, with emphasis in Cyber Security issues and operations, Encryption technologies, Identity and Authentication technologies, focused on patching and remediation;Strong communication skills - written and verbal;Must be self-motivated and able to work independently with minimal supervision;Excellent problem solving and decision making skills required;Desired: CompTIA Security+, A+, GIAC Security Essentials (GSEC), or equivalent. Technical Requirements:Experience with Remediation as well as vulnerability identification (preferred);Basic knowledge of the TCP/IP protocol suite and related security aspects;Basic knowledge of identified operating system platforms, routers, network protocols, and security architecture;Working knowledge of common attacks and vulnerabilities (preferred);Understanding of common categories of malware and characteristics of each (preferred);Understanding of network security architecture best practices (preferred);Understanding of cryptographic protocols (SSL, TLS, etc.) (preferred);Required KnowledgeMicrosoft System Center Configuration Manager (SCCM) (preferred);Public Key Infrastructure (PKI) (preferred);Windows Server Update Services (WSUS) (preferred);Group Policy Object (GPO) management (preferred);Enterprise patching methodology supporting over 1,000 end points (preferred); Vulnerability scanning familiarity (Nessus preferred) (preferred);Printer security and updating firmware (HP desirable); Microsoft Windows (server and client).Preferred KnowledgeWireshark;Knowledge of 802.1x and port security;FISMA and NIST Compliance knowledge;Cisco, Apple, mobile remediation knowledge;PowerShell scripting. US Capitol Police Background Check EOE Statement: At Evolver, we foster teamwork, growth, individuality and entrepreneurialism. We value employee opinions and encourage them to make a difference by getting involved and being thought-leaders. As a part of the Evolver team, we actively promote a working and learning environment that supports a highly qualified workforce and a quality of work life that is based on trust and respect for all employees resulting in a healthy and trusting organizational culture.Evolver, Inc. is an Equal Opportunity Employer (EOE). Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, disability or veteran status. Evolver offers a comprehensive benefits plan including (but not limited to): medical, dental, vision, 401(k), life, AD and short term and long term disability insurance.