Job Title: Computer Security Systems Specialist - level I (HYBRID Remote)
Posted by: GovCIO on Sep 22, 2022
Location:
Remote Located in DC/MD/VA , DCJob Description:
GovCIO is a team of transformers-people who are passionate about transforming government I.T. We believe in making a difference by developing digital strategies and delivering the technology- related innovation that improves governmental operations each day.
But we can't do it alone. We welcome and nurture an inclusive and diversified work culture. Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators. We're changing the face of I.T. - from our diverse staff to the end-products we develop. And we're excited to expand our team. Are you ready to be a transformer?
Responsibilities
Computer Security Systems Specialist I provides cybersecurity analysis support to assist at the program and system level, pertinent to Assessment and Authorization (A&A) actions, and provides support in the performance of the following activities: Assist program on developing cybersecurity documentation, Plan of Actions & Milestones (POA&M), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts. Develop written artifacts for IT security vulnerability testing via DCSA authorized scanning tool(s). Develop, update, and provide for Government review, all DoD and other federal agency- specific documentation specified in Government A&A Framework and DoDI 8510.01, as applicable. Maintain all DCSA & PM managed system records and documents supporting compliance with federal laws, directives, policies and procedures, and provide at all times complete access to the records. Store all A&A related documentation within a Government A&A Repository. Conduct A&A related security test and evaluations using Government mandated tools and test procedures. Develop or contribute to A&A related POA&Ms and Risk Assessment Reports as directed by applicable policy and guidance. Create and update SOPs and guides on configuration, administration, report generation and analysis of eMASS (or similar tool), at least annually. Scan IT products using Government approved scanning tools to identify potential risk to the Government production network. Required Qualifications Bachelor's Degree with 0 - 2 years (or commensurate experience) in security engineering, incident response, system application and network security, vulnerability management, threat modeling, penetration testing, intrusion detection, firewalls and encryption technologies. Knowledge of Security Information and Event Management (SIEM) tools, network and operating system security features (e.g., Windows, Linux, Ubuntu) and network security technologies (e.g., firewalls, filtering routers, authentication mechanisms, IPSEC VPN, server hardening). Have hands-on experience with tools and technologies used throughout secure Systems Development Life Cycle (SDLC). Hands on experience with managing security awareness and training such as online training modules, lunch and learns, periodic security communication, and simulated phishing campaigns. Demonstrated experience drafting documentation including functional and system requirements, configuration management plans, disaster recovery plans, user guides, system security plans, and production data waivers. Familiarity with attack vectors and its customer impact. Demonstrated experience in the following areas of: Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies Perimeter security controls firewall, IDS/IPS, network access control and network segmentation Router, switch and VLAN security; wireless security Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies Security + w/ce certification. Secret Clearance. #CJPOST
COVID Policy: New employees will be required to adhere to the Company's and its clients' COVID-19 safety procedures. In the event that the COVID-19 vaccination mandate for Federal Contractors is enforced, you must become fully vaccinated or request and be approved for an exemption. Employees working onsite at a client location must comply with our client's COVID-19 requirements.
GovCIO is a team of professionals who want to make a difference. And that can only happen with a diverse, happy, and cared-for team. So, we prioritize your well-being, equity for all and look for ways to make work a better place for each of us every day.
We are an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, ethnicity, religious affiliation, gender, gender identity or expression, sexual orientation, national origin, or disability status. EOE AA M/F/Vet/Disabled
But we can't do it alone. We welcome and nurture an inclusive and diversified work culture. Because different backgrounds, experiences, abilities, and perspectives make us better decision-makers, problem solvers, and creators. We're changing the face of I.T. - from our diverse staff to the end-products we develop. And we're excited to expand our team. Are you ready to be a transformer?
Responsibilities
Computer Security Systems Specialist I provides cybersecurity analysis support to assist at the program and system level, pertinent to Assessment and Authorization (A&A) actions, and provides support in the performance of the following activities: Assist program on developing cybersecurity documentation, Plan of Actions & Milestones (POA&M), enterprise mission assurance support service (eMASS) submissions, and system security engineering efforts. Develop written artifacts for IT security vulnerability testing via DCSA authorized scanning tool(s). Develop, update, and provide for Government review, all DoD and other federal agency- specific documentation specified in Government A&A Framework and DoDI 8510.01, as applicable. Maintain all DCSA & PM managed system records and documents supporting compliance with federal laws, directives, policies and procedures, and provide at all times complete access to the records. Store all A&A related documentation within a Government A&A Repository. Conduct A&A related security test and evaluations using Government mandated tools and test procedures. Develop or contribute to A&A related POA&Ms and Risk Assessment Reports as directed by applicable policy and guidance. Create and update SOPs and guides on configuration, administration, report generation and analysis of eMASS (or similar tool), at least annually. Scan IT products using Government approved scanning tools to identify potential risk to the Government production network. Required Qualifications Bachelor's Degree with 0 - 2 years (or commensurate experience) in security engineering, incident response, system application and network security, vulnerability management, threat modeling, penetration testing, intrusion detection, firewalls and encryption technologies. Knowledge of Security Information and Event Management (SIEM) tools, network and operating system security features (e.g., Windows, Linux, Ubuntu) and network security technologies (e.g., firewalls, filtering routers, authentication mechanisms, IPSEC VPN, server hardening). Have hands-on experience with tools and technologies used throughout secure Systems Development Life Cycle (SDLC). Hands on experience with managing security awareness and training such as online training modules, lunch and learns, periodic security communication, and simulated phishing campaigns. Demonstrated experience drafting documentation including functional and system requirements, configuration management plans, disaster recovery plans, user guides, system security plans, and production data waivers. Familiarity with attack vectors and its customer impact. Demonstrated experience in the following areas of: Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies Perimeter security controls firewall, IDS/IPS, network access control and network segmentation Router, switch and VLAN security; wireless security Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies Security + w/ce certification. Secret Clearance. #CJPOST
COVID Policy: New employees will be required to adhere to the Company's and its clients' COVID-19 safety procedures. In the event that the COVID-19 vaccination mandate for Federal Contractors is enforced, you must become fully vaccinated or request and be approved for an exemption. Employees working onsite at a client location must comply with our client's COVID-19 requirements.
GovCIO is a team of professionals who want to make a difference. And that can only happen with a diverse, happy, and cared-for team. So, we prioritize your well-being, equity for all and look for ways to make work a better place for each of us every day.
We are an Equal Opportunity Employer. All qualified applicants receive consideration for employment without regard to race, ethnicity, religious affiliation, gender, gender identity or expression, sexual orientation, national origin, or disability status. EOE AA M/F/Vet/Disabled
Pay Rate:
Unspecified
HR. Website URL:
https://govcio.com/jobs
Sign Up to Apply to this position
(if you already have a CGO account, just press the button below)
About GovCIO
Our Vision: With a holistic perspective and Agile methods, we keep our customers at the forefront of digital innovation. Our teams deliver high value IT solutions and services that allow customers to thrive today, all while preparing them to tackle any challenge the future may bring. Our Mission: GovCIO uses IT to transform how government works for the better. From the U.S. military to Health and Human Services, our consultants create solutions that optimize how our customers operate and help prepare them for current and future demands.
Please visit this employer's Public Profile to see more jobs offered by GovCIO