Cybersecurity Management Specialist II with Security Clearance
Published | September 21, 2023 |
Location | Killeen, TX |
Category | Default |
Job Type | Full-time |
Description
Position Title: Cybersecurity (CS) Management Specialist II Security Clearance (Required): Top Secret with SCI eligibility [Deal Breaker] Certifications (Required): Possess DOD 8570.01-M certifications meeting the requirements for IAM Level II (CAP, CASP, CISM, CISSP (or Associate), or GSLC) [Deal Breaker] Overview/Scope of Responsibilities:
Provide technical security expertise in planning, preparing, and coordinating the Department of Defense (DOD) Cybersecurity (CS) Program for the Operational Test Command (OTC) Network, Servers, Systems and Network devices. Provide experience in developing and interpreting cybersecurity plans, policies, and procedures (to include but not limited to configuration management, contingency/disaster preparation, incident response, account management, access control, media control, etc.), providing incident response, reviewing security assessments and inspections and conducting risk management activities at the system level. Position Description:
The Cybersecurity (CS) Management Specialist II supports the OTC mission by:
• Having one year systems administration experience in a computer network environment
• Serving as Subject Matter Expert and providing direct customer support to help resolve security vulnerability issues that cannot be resolved through automated means
• Providing support to Windows Server 2012; Windows 10 for workstations and possessing a thorough understanding of computer networks and telecommunications procedures
• Understanding use and configuration of network routers, access control lists, firewalls, and virtual private network (VPN)
• Assisting with CS related analysis, scanning, documenting, and testing/evaluating support for the CS security posture and accreditation requirements of OTC applications/systems
• Providing technical security expertise in planning, preparing, and coordinating of the Department of Defense (DoD) CS program
• Possessing the background, experience, and knowledge of CS, patch management, IAVM, risk assessment and vulnerability assessment using Retina, or other automated tools
• Possessing experience in computer emergency response, incident handling and monitoring instruction detection system and firewalls
• Possessing knowledge and experience with NIPRNET, SIPRNET, LANs, VPNs, routers, & firewalls
• Conducting scans and analysis of network vulnerabilities on a periodic basis for trending of status. Ensuring IAVAs and virus notifications are expeditiously promulgated using the automated patching tools and informing system administrators and the impacted customer(s)
• Supporting a robust Computer Network Defense posture and identifing and responding to real and potential compromises
• Supporting the confidentiality, integrity, and availability of OTC servers, desktops, and network devices through the planning, analysis, development, implementation, maintenance and enhancement of information security programs, group policies, and security tools such as Host Based Security System (HBSS), Systems Management Server (SMS), Anti-virus, Windows Update Server (WSUS), and the DoD Vulnerability Management System
• Updating and maintaining IAVA compliance database, submitting Change Orders for IAVM remediation, and reporting to OTC CS Branch as appropriate. Receive, investigate, confirm, and document reports of malicious software attacks, suspicious activities, penetration incidents, and prepare/submit notifications to the OTC CS Branch. Receive instructions and guidance from the OTC CS Branch on issues regarding connectivity, vulnerability assessments, and scanning of the OTC Local Area and Test Networks. Report security issues to OTC CS Branch and ensure sound security principles are reflected in the organization's vision and goals. Implement and develop basic programs to ensure that systems, network, and data users are aware of, understand, and adhere to system security policies and procedures.
• Conducting analysis of the current security posture and ensuring the implementation of mandated Security Controls and Best Practices
• Ensuring all systems connected to the networks meet all established requirements, to include RMF and Networthiness accreditation. • Enforcing configuration standards and advising the CS Chief and Project Lead on CS configuration management issues, as required • Assisting the Army Computer Emergency Response Team (CERT) and serving as an OTC CERT team to ensure proper action is taken in a timely and effective manner
• Participating in the development, maintenance, coordination, and execution/testing of plans for the continuity of operations for the automated information systems
• Proficiency with Microsoft Office (Outlook, Excel, Word and PowerPoint)
• Ensuring the implementation and adherence of Federal information security laws and regulations by all personnel, system owners, and system users
• Maintaining and monitoring CS compliance for OTC network systems in support of the RMF process; conducting Network and System Vulnerability assessments; performing periodic system security reviews; implementing security safeguards; maintaining responsibility for media control, virus scanning, system auditing and maintaining the Vulnerability database for OTC systems. Required Education and Experience:
• No or any Degree in non-directly related field with technical certifications AND 3+ years’ experience, or
• Bachelors in directly related field AND minimum of 2+ years’ experience Relevant experience must be in information security or network/system administration, and/or a closely related function, such as IT auditing, IT compliance, enterprise risk management, performing cybersecurity assessments and inspections, providing incident response, creating/ updating/ implementing cybersecurity-relevant policies and procedures, etc. DOD regulatory compliance and information security management frameworks, including NIST SP 800-37, NIST SP 800-53, DoD RMF, etc. Relevant education and/or experience in the assigned program area (Computer Science, Computer/Software Engineering, Computer Information Systems) with specific experience in cybersecurity and/or information assurance, or related technical field at the network environment level.