Information Security Analyst - IAVA - TS/SCI
GENERAL SUMMARY: Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction through the participation and support of an Information Assurance Vulnerability Management (IAVA) program.

PRINCIPAL DUTIES/RESPONSIBILITIES:
- Performs scans and documents results on a variety of systems to identify vulnerabilities and potential security issues for remediation to ensure STIG and IAVM compliance.
- Performs Information Assurance Vulnerability Alert (IAVA) Patch Management for a large organization, and coordinates with other government agencies to record and report incidents.
- Communicates alerts to agencies regarding compromises to their network infrastructure, applications and operating systems.
- Assists with implementation of counter-measures or mitigating controls.
- Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
- Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
- Supports the development and testing of Linux and Windows operating system and application lock-down for the training systems consistent with DIACAP and Risk Management Framework (RMF) Requirements.
- Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
- May serve as a technical team or task leader.
- Maintains current knowledge of relevant technology as assigned.
- Participates in special projects as required.

- Familiarity with Assured Compliance Assessment Solution (ACAS/Tenable SecurityCenter and Nessus).
- DISA SCAP Compliance Checker (SCC) and Manual STIG Review using DISA STIG Viewer.
- Experience reviewing and implementing DISA STIGs across a variety of operating systems and technologies including Windows, Linux, Cisco, Oracle, and others.
- Certified Information Systems Security Professional (CISSP) certification.
- Linux shell scripting.
- Understanding of DHS/DoD policies and procedures, including DoD 8570, FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH and other applicable policies.
- Knowledge of Risk Management Framework (RMF), including transitioning from DIACAP to RMF.
- Cisco IOS administration knowledge, including configuring VLANs. CCNA or CCNP a plus.

- Advanced knowledge of Information Assurance and data security administration principles, methods, and techniques.
- Red Hat Certified Engineer (RHCE) or Microsoft Certified Systems Engineer (MCSE) and Linux+ certifications.
- VMware Certified Professional 6 Data Center Virtualization (VCP6-DCV) (5.0 or 5.5 or 6.5).
- Windows PowerShell scripting.
- Oracle Database administration.