- Must have excellent oral and written communication skills.
- Demonstrated experience with updating documents to reflect new security guidelines and impacts.
- Demonstrated experience with reviewing architecture changes for security impacts and possible recertification
- Demonstrated experience with establishing standards for information systems procedures
- Utilization of automated scanning products such as: BigFix, Nessus, Retina, Core Impact
- Knowledge of security best practices such as: defense in depth, least privilege, need-to-know, separation of duties, access controls, encryption, etc.
- Experience with FIPS 199/200 and Security Awareness Training (to include different possible social engineering attack techniques)
- Experienced with FISMA A&A continuous monitoring
- Experienced with providing FISMA Vulnerability and Compliance Scanning
- Working knowledge of Splunk
- Experience with A&A Core Documentation development (i.e. SSP, BCP, DRP, ISCP, BIA, FIPS 199 & 200)
- Experienced in assessing and maintaining a FIPS 199 High Category Federal system
- Experienced with Security Repository Tools such as Cyber Security Assessment and Management (CSAM) or Trusted Agent FISMA (TAF)
- Experienced with POA&M Management
- Experienced with System and Network administration
- Sound knowledge of risk management and assessment (both qualitative and quantitative) using NIST SP 800-30 and 800-39
- Must have hands-on experience with and extensive knowledge of NIST 800 Special Publications standards and of preparing documents such as: System Security Plans (SSPs), Contingency Plans (CPs), Risk Assessments Matrices (SRTMs), Business Continuity Plan (BCP), Business Impact Analysis (BIA), Security Impact Assessments (SIAs) for proposed System Configuration changes, as well as a thorough understanding of NIST Special Publications 800-53 Rev 3/4, 800-53A, and 800-37
Knowledge and experience with at least three of the five following criteria:
- Vulnerability scanning, auditing, assessment, and analysis
- Operating system and network knowledge (i.e., Windows Server 2003/2008, Linux, Local Area Networks [LAN] and Wide Area Networks [WAN])
- Information security and assurance principles and associated supporting technologies
- Application security, database security, and network security
- Networking / Firewall Access Control
- Linux engineering or admin experience
- Windows engineering or admin experience
- Knowledge of DHS Networks
- Current DHS Entrance on Duty (EOD) within a headquarters component.
This position requires an active Security Clearance.
Candidates will be subject to a government background investigation and must meet eligibility criteria for access to classified information. U.S. Citizenship is required.
ASRC Federal and its Subsidiaries are Equal Opportunity / Affirmative Action employers. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
At ASRC Federal Vistronix, we know our staff members work hard to exceed customer expectations, and we work hard to exceed the expectations of our staff! We are proud to offer a robust employee benefits package:
- Medical, dental, prescription, and vision coverage
- Health Advocate
- Short-term and long-term disability, life & accidental death & dismemberment
- Flexible Spending Accounts
- 401(k) retirement plan with matching contributions
- Tuition reimbursement
- Employee Assistance Program
- Paid time off and holidays
Advance your IT Career