Cyber Information Assurance Analyst SME

About The Position

Requirements

• Secret Clearance is required and must be maintained for employment.
• Must be eligible for an IT-II upon assignment.
• Tenable Certified NESSUS Auditor required and must maintain CSSP Auditor Certification.
• IAM III and IAT II level certification is required.
• Proven proficiency performing CCRI / vulnerability assessment / penetration testing on networks, databases, computer applications and IT frameworks
• Seven (7) years IT experience
• Five (5) years IA experience
• Two (2) years of experience with DOD Vulnerability Management System
• Command Cyber Readiness Inspection certification in at least one of the following areas: Retina scan analysis o Operating Systems (Windows, Unix) Boundary defense (network policy, router, firewall) Internal defense (L2 switch, L3 switch) DNS (policy, BIND/Windows) HBSS (remote console, AV, ABM, PA, HIPS, ePO) Traditional security (Common, Basic, NCV, SCV) Wireless communications (BES, handhelds)
• Strong analytical and problem solving skills for resolving security issues
• Strong skills implementing and configuring networks and network components
• Knowledge and understanding of DOD security regulations, DISA Security Technical Implementation Guides
• Understanding of SCAP
• Knowledge of and proficiency with: VULNERATOR; USCYBERCOM CTO Compliance Program; Wireless vulnerability assessment; Web Services (IIS, Apache, Proxy); Database (SQL Server, Oracle); Email Services (Exchange); Vulnerability Scans (NESSUS, SCCM); Knowledge of Phishing exercises; USB Detect; Physical Security.

Nice To Haves

• DISA FSO certified CCRI Team Lead and have a certification in penetration testing, such as: Licensed Penetration Tester (LPT); Certified Expert Penetration Tester (CEPT); Certified Ethical Hacker (CEH); Global Information Assurance Certification Penetration Tester (GPEN); Familiarity with AUTOCHECKLIST Tool.

Responsibilities

• Independently performs complex security analysis of classified and unclassified applications, systems and enclaves for compliance with security requirements.
• Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations.
• Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks.
• Performs vulnerability and risk analysis, and participate in a variety of computer security penetration studies.
• Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers.
• Recommends solutions to meet security requirements.
• Gathers and organizes technical information about an organization's mission goals and needs, and makes recommendations to improve existing security posture.
• Provide enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves.
• Provides workable recommendations and advice to client executive management on system improvements, optimization and maintenance in the following areas: Information Systems Architecture, Automation, Telecommunications, Networking, Communication Protocols, Application Software, Electronic Email, VOIP and VTC.
• Competent to work at the highest level of all phases of information systems auditing.

Benefits

• Medical
• Dental
• Vision
• Company Life Insurance
• Short-Term and Long-Term Disability Insurance
• 401(K) Immediate Vesting
• Professional Development Assistance
• Legal Aid Assistance Program
• Family Planning / Fertility Assistance
• Personal Time Off
• Observance of Federal Holidays