The Information Security Specialist is responsible for protecting DISA’s information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording and destruction. Duties include managing and enforcing of security strategies and policies within established guidelines. Areas of responsibilities include IT Security Strategy, Cyber Security, and Compliance and Risk Management supporting IT Security and Compliance Teams. The individual will report to the GSM-O Cyber Security Lead and be a member of a team supporting the daily security operations of the multiple classified and unclassified networks. The individual is responsible to the GSM-O Cyber Security Lead and program ISSMs for ensuring the appropriate operational Information Assurance (IA) posture is maintained. The individual shall possess a working knowledge of the system or enclave functions, its technical IA safeguards, and its operational IA measures.
– The individual needs to be flexible, dependable and be able to multi-task with priorities. – The position requires the individual have extensive background in information systems to include Information Assurance, Computer Network Defense, and secure network configuration practices for servers, switches and routers. – Determine applicability of Information Assurance Vulnerability Alerts/Bulletins to assets. – Coordinate network scanning of assets and analyze reports to identify mitigation actions. – Implement software patches, upgrades, and configuration changes as directed by change control board – Validate security posture of assets (servers and network devices) using security technical information guides and security requirement guides – Collaborate with program information assurance staff, program management, and local engineers to ensure an appropriate security posture is maintained. – Candidate will assist in creating and maintaining system documentation and support accreditation activities. – The individual must satisfy both preparatory and sustaining DoD standard training and certification requirements as a condition of privileged access to any DoD information system.
Required skills/Level of Experience :
Bachelor’s degree in a relevant technical discipline and 4+ years of overall related experience. 4+ years of additional related years of experience is accepted in lieu of a degree. – Must have experience or training in IA and IA supporting technologies and vulnerability assessment tools.
– Experience with ACAS, eMass, and HBSS – Linux and/or Windows server experience. – Working knowledge of DoD 8500 series and NIST 800-series. – Familiar with DISA and DoD security and IA policy and the application of security policy (e.g. STIGs)
– Excellent project, technical, interpersonal, presentation and problem management skills. – Currently possess DoD 8750 certification at IAT level II, e.g. Security+ce or higher. – Currently possess an active Secret security clearance with the ability to acquire a Top Secret clearance.
Nice to have skills:
– Experience with a ticketing system such as BMC Remedy or ITSM – Experience with Cisco and Juniper network devices – Experience Information Assurance Technology Framework (IATF) Defense in Depth principles – Experience with DISA and DoD assessment and authorization processes (e.g., RMF). – Experience with VMware vSphere/ESXi 5. – ITIL certification.