Wyle is currently recruiting for Information Systems Auditor to support government customers in Patuxent River, MD. These positions are contingent upon contract award.
Selected candidates will perform security audits of information systems and applications to ensure that appropriate controls exist and are compliant with standards and guidance. Evaluate commercial and open source tools for potential inclusion in the security assessment team approved baseline; perform vulnerability assessments as required by applicable security directives and upon request. Identify corrective actions to increase IA compliance within the DOD; author analysis report addressing current and emerging IA/Computer Network Defense (CND) issues. The candidates will provide recommendations in the areas including CND, training, technical configuration and security management control, multi-level security devices, tactics, techniques, and procedures interoperability, configuration management, intrusion detection, and audit monitoring.
Bachelor's degree and 5 years experience or 9 years in lieu of a degree are required. A current DoD 8570 IAT/IAM Certification is required for these positions. Additional certifications in GIAC Certified Incident Handler (GCIH), GIAC Certified Penetration Tester (GPEN), Certified Ethical Hacker (CEH) and Windows, Linux or UNIX OS are beneficial.
The candidates must have experience with host platform vulnerability assessment and hardening standards and methodologies. Experience with DISA Gold Disk, DISA Security Readiness Reviews (SRRs), and Security Technical Implementation Guides (STIGs) for Linux, Unix, and applications is required. Candidates must also have an understanding of host/network common vulnerabilities and exploits (CVEs, IAVAs, etc.), hacker methodologies and tactics, and the tools used. Candidates should have an understanding of and be experienced in the use of tools such as Retina, Nessus, NMap and the use and function of other commonly used security tools as well as an intermediate to advanced understanding of network engineering and local and wide area (LAN/WAN) technologies and topologies, expert understanding and extensive experience in a broad range of networking concepts, technologies, architectures, and security concerns specific to networking, to include wireless networking and the security issues surrounding it. Candidates should also have an intermediate to advanced understanding of common OS and domain structures (Red Hat Linux, Oracle, HP or Sun UNIX), servers, services, and associated vulnerabilities.
Knowledge, Skills and Abilities:
Candidates must have a broad knowledge of security best practices, security solutions, and methodologies for conducting advanced security assessments, to include manual assessments and malicious user testing; knowledge of cyber threat actor methodologies regarding CNE (computer network exploitation) and CNA (computer network attacks) against governments and critical infrastructure systems.
Applicant selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information.
For immediate confidential consideration, please apply online by clicking "Apply Now to Join Our Team."
Additional information about Southern Maryland may be found at the following Links:
Saint Marys County
Wyle - 18 months ago
Wyle Laboratories is wild about the technical expertise it offers. The firm provides engineering, testing, life cycle management, clinical...