Computer Forensic and Intrusion Analyst (Journeyman)

Location
Linthicum, MD
Posted
Feb 15, 2017
Closes
May 19, 2017
Function
Analyst
Hours
Full Time
This Vulnerability Assessment Team (VAT) member position will support the DoD Information Assurance Vulnerability Management (IAVM) program for the Defense Cyber Crime Center (DC3).  These activities directly support cyber-crime investigations and operations to identify and mitigate cyber threats to the United States Air Force USAF and DoD personnel, interests, and resources worldwide.  The VAT is responsible for executing FISMA compliance activities including annual assessments of security control status, vulnerability assessments, annual testing of contingency plans, and incident response plans, configuration management and conduct Privacy Impact Assessments (PIA).  The team provides audit and advisory services, helps clients understand the complexity of issues such as performance, privacy, risk, controls, and data analysis.The Validator is responsible for continuous vulnerability scans across a multitude of networked or standalone systems. Serves at the central coordination point of all network system vulnerability assessments, audits, and related studies conducted in the agency environment. Individual participates in activities traditionally associated with Incident Response, and vulnerability scanning, and is primarily responsible for routine Nessus scanning, network monitoring and intrusion detection, as well as additional Cyber Security analysis.   Individual will be responsible for providing associated monthly and ad-hoc scans using ACAS/Nessus as required on the Network Protection Suites (NPS) and owned and managed systems. The Validator is responsible for managing, disseminating, interpreting, and tracking compliance with IAVM associated messages, monitoring the system for Vulnerability Threats, looking at reports for advanced Cyber Security Analysis, and hunting for hidden threats.  In addition to assessing compliance based on requirements, and developing Plans of Action and Milestone (POA&M) documentation.   Individual will be responsible for vulnerability management related to web applications including periodic vulnerability scanning, web application scanning, and code scanning. In addition to, analyzing results, identifying false positives, identifying remediation plans, directing system developers on remediation plans, and managing remediation through closure.  Required Skills:·         Experienced in employing software engineering techniques in designing and developing software for vulnerability discovery and an understanding of the vulnerability management lifecycle. ·         Experienced in automation and scripting of applications and systems, i.e. Python, Perl, JavaScript, Splunk, and Archer.·         Experienced with vulnerability scanning tools such as Retina and Nessus.·         Experience working with web services technologies such as XML, JSON, SOA, REST, and AJAX.·         Knowledge of Network Security Analysis using Intrusion Detection Systems.·         Comprehensive understanding of Security Methodologies, firewalls, proxies, mail servers, and web servers. Advanced experience with vulnerability assessment.·         Comprehensive knowledge of malicious code (worms, viruses, spy-ware, etc)·         Demonstrated strong interpersonal and organizational skills and ability to serve as central coordination point.·         Highly exceptional verbal and written communication skills, including ability to produce as well as provide expert review of accurate and timely technical reports are required of material for release to a larger community.·         Other duties as assigned.  Desired Skills: 
  • Understanding of USAF and DoD standards from a FISMA compliance perspective.
  • Demonstrated experience developing Plans of Action and Milestone (POA&M) documentation.
  • Demonstrated experience conducting Privacy Impact Assessments (PIA).
  • Demonstrated experienced using Assured Compliance Assessment Solution (ACAS).
  • Superior organizational skills to analyze, develop, and deliver detailed reports meeting tight suspense windows.
  • Strong attention to detail and ability to prepare documents for customer review with limited direction.
  • Ability to work multiple tasks and flexibility to adapt to dynamic work environment to meet organizational requirements.
  • Experience authoring and editing standard operating procedures (SOPs), policies, and organizational communications.
Education Bachelor's Degree in a related technical or military discipline, or the equivalent combination of education, professional training, or work/military experience.

Qualifications 8-10 years of related experience supporting intelligence operations

  As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.

 

#cjjobs