Sr Analyst, Info Security
Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. C&A RMF preferred; System Engineering experience; experience with network level devices, firewalls, proxies, virtualized technologies Ability to analyze Layer-2 and Layer-3 networks, firewalls, proxies, ports and protocols, etc. for security configuration compliance.Knowledge and experience with C&A processes in DoD environments, preferably with experience using Risk Management Framework (RMF), and demonstrated completion of C&A tasks required to achieve ATO for complex systems or networks.Ability to develop risk assessments, analyze and evaluate complete networks using a variety of security tools. Experience with securing network virtualization technologies used to consolidate network control functions from hardware devices a virtualized control node or console. Experience with multi-tenant network architectures Familiarity with a width variety network routing and switching equipment devices from multiple vendorsSupport the Risk Management Framework (RMF) processes for DoD Information Technology in accordance with DoDI 8510.01. The Contractor shall have extensive knowledge of the DOD RMF process, as well as extensive DoD IA policies background. In addition, the Contractor shall possess hands-on experience and technical expertise in the use and analysis of a variety of IA guides, tools, and products to include the associated output results and reports, such as:
- Security Technical Implementation Guides (NSA, DISA, and vendor equivalent),Network based audit tools,Secure Host Baseline (SHB), andIndustry reports – Gartner, Verizon, Symantec, etc.