Provides technical and programmatic Information Assurance services in support of DC3 network and information security systems utilizing tools such as ACAS, FireEye, HBSS, PaloAlto, SCCM, SCOM, SolarWinds, Splunk, and Tanium.
Designs, develop, and implement security requirements within DC3 business processes.
Provides information assurance support for the development and implementation of security architectures to meet new and evolving security requirements.
Prepares documentation in accordance with the NIST Risk Management Framework (RMF) in order to maintain ATOs for identified networks and IT including DEN, SDEN, DC3ON, DIBLAN. Prepares Security Test and Evaluation plans. Provides certification and accreditation assessment and authorization (A&A) support for the development of security and contingency plans and conducts complex risk and vulnerability assessments.
Evaluates products and recommends system enhancements to improve security deficiencies. Develops, tests and integrates computer and network security tools.
Secures system configurations, installs security tools, scans systems in order to determine compliancy, and reports results.
Conducts security program audits and develops solutions to mitigate identified risks.
Evaluates, develops, and enhances security requirements, policy and tools.
Provides assistance in computer incident investigations.
Performs vulnerability assessments including development of risk mitigation strategies.
Requires 5 to 8 years with BS/BA or 3 to 5 years with MS/MA or 0 to 2 years with PhD.