Information Assurance Security Officer (IAM I - IASO) / Information Assurance Officer (IAM II -
Principle Duties and Responsibilities: (application of General Summary attributes) a) Leadership - Not generally a supervisory position. May be tasked to temporarily supervise certain functions as needed. b.) System Tasks: - Must be well-versed in general system administration principles including operating system configuration for Windows Vista; Windows 7; Windows 2003 Server; Windows 2008 Server with emphasis on Army Gold Master versions of those operating systems; and Linux systems. - Must be experienced with analyzing network security architectures and network design diagrams that provide port; protocol; and service details. Experience with DoD and US Army IAVM tracking and reporting; and with implementing Cybersecurity Best Practices and formulating remediation guidance for supported platforms is also required. - Preferred network knowledge of the network administrator responsibilities for the configuration and management of the Mission Training Complex (MTC) Boundary Defense Systems to ensure the security of MTC network enclave. Additionally; the RMF/DIACAP Analyst will also be the primary network administrator responsible for applying Defense Information Systems Agency (DISA) STIGS to the many routers and switches that form the MTC network enclave. The RMF/DIACAP Analyst shall possess the general knowledge and diagnostic abilities to solve complex technical problems associated with maintaining local and wide area networks in a training and simulation environment. Possesses strong written and verbal communication skills and able to work both independently and in a team environment. - Preferred knowledge on how to analyze local and wide area network systems; including planning; designing; evaluating; selecting; and upgrading operating systems and protocol suites and configuring communication media such as Cisco integrated services routers; Cisco model 6500 and 4500 series network backbone switches; Cisco model 5500 series security appliances; Cisco model 3500 and 3700 series level-2 and level-3 switches; and other devices. - Preferred knowledge to establish and maintain Ethernet networking and configuration of associated hardware devices and the various protocols employed in networked data communications at various levels of the protocol stack. - Preferred knowledge on how to employ configuration guidance based on (DISA) Security Technical Implementation Guides (STIG). An in-depth knowledge of Cisco integrated operating systems and experience with network management systems such as Solarwinds network management suite or Ipswitch What's Up Gold is essential to performing this task. c.) Network Management (Non-Exercise Support): - Setup and maintain the physical network security for the site enclave. Maintain knowledge of the Risk Management Framework (RMF) Assess and Authorize (A&A) process. - Perform and/or evaluate vulnerability scans on production and integration systems utilizing approved network scanning tools and appropriate government provided software such as Retina; DISA Gold Disk; and UNIX and Oracle SRR scripts. Experience performing security test and evaluation; directing remediation efforts; building residual risk reports and tracking POA&M as well as experience performing privacy impact assessments and knowledge of best practices protecting sensitive Information is essential to performing this task. - Establish internal procedures for review of system logs; event files; and critical systems file management in order to assess system network systems and network support systems integrity. - Preferred knowledge on how to perform backup and storage of critical files and logs on monthly basis. Employ network intrusion detection systems such as Snort as well as intrusion prevention systems and anti-virus deployment systems such as Host Based Security Systems (HBSS) utilizing McAfee ePolicy Orchestrator. d) Network Management (Exercise Support) - Work directly with internal and external customers to develop and report present network activity and status. - Work with MTC staff and supported units to provide the network capabilities required to pass tactical data from the simulation interfaces to tactical systems in support of exercises. - Work with remote locations to enable wide area network connectivity to MTC assets. - Resolve interoperability problems to obtain operations across all platforms utilizing various data exchange and file transfer methods. - Preferred knowledge on how to configure systems to meet user requirements. Perform various tests to analyze network performance and document results. Provide technical support and troubleshooting to users. Maintain current knowledge of relevant computer hardware/software applications. e) Risk Management Framework (RMF)/DIACAP Support: - For the MTC network enclaves; prepare and maintain accreditation documentation and artifacts in accordance with RMF policy for US Army and/or DoD programs on behalf of the MTC Information Assurance Manager (IAM) or the Information Assurance Security Officer (IASO). - Assist the MTC IAM/ IASO performing Cybersecurity vulnerability alert monitoring issue resolution. Analyze the impact of potential vulnerabilities to MTC network enclaves; and ensure MTC conformance with network security architecture and NIPRNET/SIPRNET policy. - Assist MTC IAM/ IASO in coordination with Network Enterprise Centers (NEC); Network Command (NETCOM); and DISA staff to ensure that Connection Approval Process (CAP) requirements are met and connection waivers are accurate and submitted in accordance with DoD and Army policy. - Preferred to have a basic understanding of Army staff procedures regarding TOC operations and individual C2 data threads and how they are managed to ultimately form the Common Operating Picture (COP). f) Security Requirements: - Complies with MTC security requirements. Performs physical security; classified information security; and information assurance security tasks in order to safeguard classified information/equipment and high value government purchased and owned equipment and software. - Ensures that data security; including data retrieval; transmission; and storage is conducted IAW applicable government standards to ensure that data transmission and storage are secure and free from unauthorized access IAW AR 380-5 and AR 25-2. - Under the guidance of the Information Assurance Manager (IAM) shall ensure RMF/DIACAP accredited database and network security measures remain in place to protect information and systems from unauthorized access IAW AR 25-2 and all RMF/DIACAP regulations. Education GDIT Requires Bachelors Degree in Computer Science or a related technical discipline; or the equivalent combination of education; professional training or work experience.Contrct Requires 8 Years experience; and/or related B.S./B.A. in Engineering; Science; Information Systems or Mathematics. DoD Certification and Training Requirements: As a condition of initial and continuing employment; obtains and maintains required certifications. i) Baseline Certification: CompTIA Security+ CE ii) Certification IAW: DOD 8570 IAT III (CISSP; CASP; CISA; GCIH) iii) Computing Environment Certification: Windows; Linux; Cisco CCNA Routing or Switching iv) Mandatory Training / Local Training Plan: Complies with all DoD; Army; and company training requirements IAW Government policy; DoD 8570.01-M IA Workforce Improvement Program; Army Regulation; and company and site policy. Qualifications GDIT Requires 8-10 years of related experience in data security administration.Contract Requires 8 Years; and/or related B.S./B.A. in Engineering; Science; Information Systems or Mathematics. This position requires occasional travel away from normal duty station. The incumbent may be required to work other than normal duty hours; which may include evenings; weekends and or holidays. Position involves some periods of physical activity such as long periods of standing and walking during deliveries and configurations for exercises. Regularly lifts bends; reaches and moves items weighing up to 40 pounds or heavier weight with assistance. Security Clearance: Secret with the ability to obtain a Top Secret with SSBI Must be able to obtain and maintain a Top Secret security clearance. You will be required to provide proof of U.S. Citizenship. Must comply with Drug Abuse Testing Program requirements. Selectee is required to satisfactorily complete the appropriate training and earn the required certification for this position as outlined in DoD 8570.01-M; Information Assurance Workforce Improvement Program; dated 19 December 2005. As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial sectors.With approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support services.GDIT is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.