(Note: This job description is not meant to be an all-inclusive statement of every duty and responsibility required.)
- Must possess an active D o D security clearance at the SECRET level.
- Will provide courteous customer service to the end-user community all times, either in person or over the phone.
- Perform the following Information Assurance duties in accordance with the requirements of the contract Performance Work Statement/Statement of Work:
- * The Candidate shall perform technical security reviews and network analysis to include but not be limited to scanning, testing, remediation, and auditing to determine system vulnerability. This includes IDT and boundary protection.
- * Candidate will provide results electronically within 24 hours of completion of the vulnerability scans. Results will be provided to the IAPM and appropriate system administrators for action--100% of available systems are reviewed and analyzed every 30 days.
- The Candidate shall perform security accreditation and certificationcertification and accreditation as required by DoD Directive 8510.01. Configuration Management/Accreditation & Certification.
- The Candidate shall assist Government in the development of IA policy and procedure documents as required, including but not limited to the Information Assurance Plan. This will include Physical, OPSEC, EMSEC, and COMPUSEC requirements
- The Candidate shall administer the PKI process in accordance with applicable policies and regulations.
- * The Candidate shall work with System and Network Administrators to plan and implement network and system changes as necessitated by IT security notifications, the Information Assurance Vulnerability Management Program or as required by Information Assurance Program Manager (IAPM).
- The Candidate shall implement network and system changes as necessitated by IT security notifications, the Information Assurance Vulnerability Management Program or as required by Information Assurance Program Manager (IAPM).
- * Candidate must comply with the appropriate security notifications on the system. Must ensure nNo security incidents occur due to failure to implement changes required by security notifications.
- Time to acknowledge receipt: Acknowledge receipt of each security notification in accordance with the suspense schedule tTime to successfully apply fix or patch in accordance with suspense date.
- * Candidate shall provide installation, maintenance, administration, and reporting of systems to include HBSS/AV Systems, and Retina.
- IA applications shall not be down for more than 24 hours at a time, and no more than 3 times per year.
- Incidents shall be reported immediately, as well as a monthly activity report be provided to IAPM. IAW AR 25-2, 100% of system logs shall be retained for one year for auditing purposes.
- Candidate shall evaluate and track all Information Assurance training requirements for system users IAW AR 25-2 and provide electronic updates through the Army Training and Certification Tracking System.
- * Coordinate with the Information Assurance Program Manager (IAPM) and Contracting Officer Representative (COR) to identify shortfalls in the information assurance operations, assist in the design of technical solutions to eliminate the shortfalls and implement the technical solutions on-site.
- Document discrepancies and recommend corrective action to Government. Prepares documentation in accordance with DOD, and Army instructions, e.g. Army Regulation 25-2 and DoD 8570.01-M.
- Review computer network designs and specifications for adequacy and technical feasibility, considering factors such as compatibility with agency policy, conversion or implementation costs, and impact on existing equipment.
- Submit Contract Deliverables (CDRL) reports to the PM within specified contract guidelines.
- Follow policies and procedures as described in corporate manuals and directives.
- Attend work each day during scheduled work hours unless on approved time off.
- Perform occasional travel to customer sites, as required (see WORKING CONDITIONS below).
- Work flexible hours, including occasional overtime.
- Carry out other duties as may be assigned or requested.
- * Experience with implementing and validating Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) STIGs to ensure systems implement required guidance and remediate findings.
- Make recommendations for hardening system software and hardware components
- Identifies, reports, and resolves security violations
- Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands
- Knowledge of core networking services, including Active Directory, DNS, DHCP, or WINS.
- Must have sound IT troubleshooting skills to interpret Windows System, Application and Security Logs.
- Must have sound understanding of Registry settings and configuration.
- Occasional travel within CONUS is required.
- Work is performed indoors with some potential risks to safety and health hazards related to electronics.
Physical Skills and Abilities:
- Possess a Bachelor’s Degree in Computer Science, Information Systems, or Business.
- Four (4) years of progressively more responsible experience in providing Information Assurance technical services & administration support duties as listed above under the heading “General Functions”.
- If no degree, six (6) years of specific experience in performing the Information Assurance support duties as listed above under the heading “General Functions”
- Must be fully DOD 8570.1 compliant
- Must be highly proficient with firewall administration and configuration, intrusion detection systems, proxy servers, anti-virus operations, security configuration management, vulnerability assessments, incident response and auditing.
- Must be highly proficient in the Windows and/or Unix environment.
- Must be familiar with MS Windows O/S (all versions).
- Must be proficient in the use of Microsoft Office Applications (Outlook, Word, Excel, PowerPoint and Access), Microsoft Internet Explorer.
- Must have relevant applicable experience as related to the General Functions listed in this position description.
- Must be able to transport self to various facility sites, as required. If using own motor vehicle, must possess a valid driver’s license and proof of insurance.
- Depending on the assignment may require ordinary, ambulatory skills sufficient to visit other locations.
- Requires the ability to manipulate (lift, carry, move) light to medium weights of 10-50 pounds.
- Requires good hand-eye coordination; arm, hand and finger dexterity, including ability to grasp and use a keyboard and mouse.
- Requires visual acuity to use a keyboard, operate equipment and read technical information.