Information Assurance Engineer with Security Clearance

TEKsystems c/o Allegis Group
02 Jul 2024
30 Jul 2024
Employer Sector
Technology, IT & Telecoms
Contract Type
Full Time
Top Skills' Details 1. Uses ACAS scanning tool. Prior experience required.
2. Development/ testing of new security measures
3. Zero–trust implementation experience. Job Description MINIMUM REQUIREMENTS:
– Current DoD 8570 IAT Level III certification (CISSP, CASP+ CE, CCNP Security, CISA, GCED, GCIH, CCSP, etc.)
– BS Degree & 4–8 years experience. Specific experience may be considered in lieu of a degree.
– Top Secret/ SCI Required Consultant will work with the Master Network Engineer & Virtualization lead to test/ implement security measures for the JCSE global network. Key initiative: Implementing zero–trust for the network. "Employee could be touching all aspects of security. Needs experience with scanning, development, and vulnerability testing. A Key thing for us right now is zero–trust implementation." The Leidos Defense group has an opening for a highly motivated individual. The Information Assurance Engineer position at MacDill AFB, FL supports the Global Solutions Management–Operations II (GSM–O II), Joint Communications Support Element (JCSE). The JCSE team provides en–route, early entry, scalable C4 support to Regional Combatant Commands, Special Operations Command, and other agencies. In this role, you will be responsible for ensuring that the systems security meets all DoD/JCSE requirements and design, facilitating system assessments, documentation and providing hands–on security engineering support. Key elements of this position include: Capture and refine information security requirements and ensure their integration into information technology components and information systems: Perform vulnerability assessments, to determine weaknesses and exploit methods in systems/networks; Perform cybersecurity analysis and hardening of complex IT systems; and conducting cybersecurity mitigations on design solutions to comply with Risk Management Framework (RMF) cybersecurity requirements. Responsibilities include:
• Develop Security plan of action and milestones (POA&M) for all open security findings identified during the development phase of modernization on the end–to–end enterprise infrastructure (Data Center, SATCOM Gateway, and deployed kits).
• Identifying what cybersecurity STIG, checklist, or control requirements apply during development of new components and software that is implemented into the enterprise infrastructure (Data center, SATCOM Gateway, and deployed kits)
• Ensure proper configuration management procedures are followed prior to implementation and contingent upon necessary approval. Coordinate changes or modifications with the security manager, ISSM, and J5 directorate.
• Track information for assurance directed guidelines for all hardware and applicable software ensuring proper security for the JCSE Enterprise.
• Provide tracking and summary reports based on findings to leadership. Modernization actions include but are not limited to STIGs, compliant patch implementation/management, Information Assurance Vulnerability Management (IAVM) compliance, integration/ implementation of any approved hardware and software, and react appropriately to cyber threats.
• Support DoD Risk Management Framework (RMF) in accordance with CNSSI 1253 and NIST 800–53 (all revisions) for IA controls; 8570/8140 for IA Workforce training and DCID 6/3 for protection of sensitive compartmented information. This also includes the updates required for the JCSE packages and all updated instructions which support the Assessment and Authorize (A&A) process.
• Provide technical support and guidance in an effort to maintain the JCSE IA processes and procedures in support of computer network defense in–depth protection for the JCSE enterprise infrastructure.
• Recommend network configuration, policy, training, operational or other changes/updates based on assessed risks.
• Coordinate with internal and external organizations, agencies and activities to support resolution of security issues, accreditation and waiver requests that impact the ability to obtain connection approval.
• Recommend connection approval, disapproval or modification based on security risks and system vulnerabilities.
• Develop Security Test and Evaluation (ST&E) and Certification Test and Evaluation (CT&E) plans, as required.
• Develop configuration documentation for the JCSE Enterprise to include: network diagrams, technical sensor/administrative & policy POCs, and related information. Additional Skills & Qualifications
– High level of ACAS proficiency
– Experience dealing with ATO inspections
– RMF interface experience
– Military veterans a plus – experience working in tactical environments
– COCOM experience