Information Security Specialist III (IA Log Analyzer)

About The Position

Requirements

• Bachelor's Degree in Computer Science, Cybersecurity, Computer Engineering, or related discipline preferred.
• 5-7 years of experience performing Information Assurance functions and using RMF IT security controls and policies preferred.
• Must possess and maintain an IT-I level certification IAW AR 25-2 and IAT-II certification IAW DoD 8570.01-M.
• Strong critical thinking and problem-solving skills.
• Strong verbal and written communication to effectively express concepts, plans, and proposals.

Nice To Haves

• Experience with Proxy servers.
• Knowledge of DoD 8570 Computer Engineering and Computer networking.

Responsibilities

• Provide oversight for the Computer Network Defense-Service Provider (CNDSP).
• Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives.
• Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly.
• Provide Defense in Depth principles and technology in security engineering designs and implementation.
• Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements.
• Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis.
• Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis.
• Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions.
• Analyze IA security events, including threat model development and resulting security risk analysis of systems.
• Review and assess information security events and logs via sophisticated security information/event manager.
• Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network.
• Plan, respond, investigate, and report undisclosed classified incident remediation.
• Assess and mitigate system security threats/risks throughout the program life cycle.
• Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures.
• Maintain Agency public key infrastructure system.
• Implement security designs in hardware, software, data and procedures.
• Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service.
• Responsible for requesting, receiving, installation, and accountability of system (server) PKI certificates.
• Provide Certification and Accreditation, as well as provide Automated Information System Accreditation support.
• Perform risk analysis of resources, controls, vulnerabilities, impact of losing systems' capabilities and threats to the mission objective.

Benefits

• Paid holidays
• Disability insurance
• Health insurance
• Dental insurance
• Flexible spending account
• Tuition reimbursement
• Paid time off
• Parental leave
• Vision insurance
• Life insurance