Hybrid Remote Information Assurance Engineer
GovCIO is a team of transformers-people who are passionate about transforming government IT We believe in making a difference by developing digital strategies and delivering the technology- related innovation that improves governmental operations each day.
But we can't do it alone.
We welcome and nurture an inclusive and diversified work culture.
Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators.
We're changing the face of IT - from our diverse staff to the end-products we develop.
And we're excited to expand our team.
Are you ready to be a transformer?ResponsibilitiesComputer Security Systems Specialist I provides cybersecurity analysis support to assist at the program and system level, pertinent to Assessment and Authorization (A) actions, and provides support in the performance of the following activities:
Assist program on developing cybersecurity documentation, Plan of Actions & Milestones (POA), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts.
Develop written artifacts for IT security vulnerability testing via DCSA authorized scanning tool(s).
Develop, update, and provide for Government review, all DoD and other federal agency- specific documentation specified in Government A Framework and DoDI 8510.
01, as applicable.
Maintain all DCSA & PM managed system records and documents supporting compliance with federal laws, directives, policies and procedures, and provide at all times complete access to the records.
Store all A related documentation within a Government A Repository.
Conduct A related security test and evaluations using Government mandated tools and test procedures.
Develop or contribute to A related POA and Risk Assessment Reports as directed by applicable policy and guidance.
Create and update SOPs and guides on configuration, administration, report generation and analysis of eMASS (or similar tool), at least annually.
Scan IT products using Government approved scanning tools to identify potential risk to the Government production network.
Required Qualifications Bachelor's Degree with 5 - 8 years (or commensurate experience) in security engineering, incident response, system application and network security, vulnerability management, threat modeling, penetration testing, intrusion detection, firewalls and encryption technologies.
Knowledge of Security Information and Event Management (SIEM) tools, network and operating system security and network security technologies (eg, firewalls, filtering routers, authentication mechanisms, IPSEC VPN, server hardening).
Have hands-on experience with tools and technologies used throughout secure Systems Development Life Cycle (SDLC).
Hands on experience with managing security awareness and training such as online training modules, lunch and learns, periodic security communication, and simulated phishing campaigns.
Demonstrated experience drafting documentation including functional and system requirements, configuration management plans, disaster recovery plans, user guides, system security plans, and production data waivers.
Familiarity with attack vectors and its customer impact.
Demonstrated experience in the following areas of:
Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologiesPerimeter security controls firewall, IDS/IPS, network access control and network segmentationRouter, switch and VLAN security; wireless securitySecurity concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologiesSecurity
w/ce certification.
Top Secret/SCI Clearance.
#cjpost#dicepost #cjpost.
Estimated Salary: $20 to $28 per hour based on qualifications.
But we can't do it alone.
We welcome and nurture an inclusive and diversified work culture.
Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators.
We're changing the face of IT - from our diverse staff to the end-products we develop.
And we're excited to expand our team.
Are you ready to be a transformer?ResponsibilitiesComputer Security Systems Specialist I provides cybersecurity analysis support to assist at the program and system level, pertinent to Assessment and Authorization (A) actions, and provides support in the performance of the following activities:
Assist program on developing cybersecurity documentation, Plan of Actions & Milestones (POA), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts.
Develop written artifacts for IT security vulnerability testing via DCSA authorized scanning tool(s).
Develop, update, and provide for Government review, all DoD and other federal agency- specific documentation specified in Government A Framework and DoDI 8510.
01, as applicable.
Maintain all DCSA & PM managed system records and documents supporting compliance with federal laws, directives, policies and procedures, and provide at all times complete access to the records.
Store all A related documentation within a Government A Repository.
Conduct A related security test and evaluations using Government mandated tools and test procedures.
Develop or contribute to A related POA and Risk Assessment Reports as directed by applicable policy and guidance.
Create and update SOPs and guides on configuration, administration, report generation and analysis of eMASS (or similar tool), at least annually.
Scan IT products using Government approved scanning tools to identify potential risk to the Government production network.
Required Qualifications Bachelor's Degree with 5 - 8 years (or commensurate experience) in security engineering, incident response, system application and network security, vulnerability management, threat modeling, penetration testing, intrusion detection, firewalls and encryption technologies.
Knowledge of Security Information and Event Management (SIEM) tools, network and operating system security and network security technologies (eg, firewalls, filtering routers, authentication mechanisms, IPSEC VPN, server hardening).
Have hands-on experience with tools and technologies used throughout secure Systems Development Life Cycle (SDLC).
Hands on experience with managing security awareness and training such as online training modules, lunch and learns, periodic security communication, and simulated phishing campaigns.
Demonstrated experience drafting documentation including functional and system requirements, configuration management plans, disaster recovery plans, user guides, system security plans, and production data waivers.
Familiarity with attack vectors and its customer impact.
Demonstrated experience in the following areas of:
Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologiesPerimeter security controls firewall, IDS/IPS, network access control and network segmentationRouter, switch and VLAN security; wireless securitySecurity concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologiesSecurity
w/ce certification.
Top Secret/SCI Clearance.
#cjpost#dicepost #cjpost.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
