Vacancy has expired
|Job Ref:||2016-14754||Employer:||General Dynamics US||Country:||United States||City:||Rheinland-Pfalz||Address:||Post Date:||18/10/2016 05:11|
Job Description |
Principal Information Security Analyst - Kaiserlautern, Germany
Performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
1. Performs Computer Security Incident Response activities for a large organization, coordinates with other government agencies to record and report incidents.
2. Monitor and analyze Intrusion Detection Systems (IDS) to identify security issues for remediation.
3. Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
4. Evaluate firewall change requests and assess organizational risk.
5. Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems.
6. Assists with implementation of counter-measures or mitigating controls.
7. Ensures the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
8. Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance.
9. Prepares incident reports of analysis methodology and results.
10. Provides guidance and work leadership to less-experienced technical staff members, and may have supervisory responsibilities.
11. May serve as a technical team or task leader.
12. Maintains current knowledge of relevant technology as assigned.
13. Participates in special projects as required.
Bachelors Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
Candidate must obtain DoD 8570 IAT Level II certification within 90 days of hire.
Candidate must obtain ITIL Foundation within 90 days of hire
8-10 years of directly related computer systems analysis.
8-10 years of related experience in data security administration.
Must be experienced with analyzing network security architectures and network design diagrams that provide port; protocol; and service details. Experience with DoD and US Army IAVM tracking and reporting; and with implementing Cybersecurity Best Practices and formulating remediation guidance for supported platforms is also required
Preferred to have a basic understanding of Army staff procedures regarding TOC operations and individual C2 data threads and how they are managed to ultimately form the Common Operating Picture (COP).
Preferred network knowledge of the network administrator responsibilities for the configuration and management of the Mission Training Complex (MTC) Boundary Defense Systems to ensure the security of network enclave. Additionally; the RMF/DIACAP Analyst will also be the primary network administrator responsible for applying Defense Information Systems Agency (DISA) STIGS to the many routers and switches that form the MTC network enclave. The RMF/DIACAP Analyst shall possess the general knowledge and diagnostic abilities to solve complex technical problems associated with maintaining local and wide area networks in a training and simulation environment. Possesses strong written and verbal communication skills and able to work both independently and in a team environment.
Preferred knowledge on how to employ configuration guidance based on (DISA) Security Technical Implementation Guides (STIG). An in-depth knowledge of Cisco integrated operating systems and experience with network management systems such as Solarwinds network management suite or Ipswitch What's Up Gold is essential to performing this task.
Setup and maintain the physical network security for the site enclave. Maintain knowledge of the Risk Management Framework (RMF) Assess and Authorize (A&A) process.
Perform and/or evaluate vulnerability scans on production and integration systems utilizing approved network scanning tools and appropriate government provided software such as Retina; DISA Gold Disk; and UNIX and Oracle SRR scripts. Experience performing security test and evaluation; directing remediation efforts; building residual risk reports and tracking POA&M as well as experience performing privacy impact assessments and knowledge of best practices protecting sensitive Information is essential to performing this task.
Establish internal procedures for review of system logs; event files; and critical systems file management in order to assess system network systems and network support systems integrity.
Preferred knowledge on how to perform backup and storage of critical files and logs on monthly basis. Employ network intrusion detection systems such as Snort as well as intrusion prevention systems and anti-virus deployment systems such as Host Based Security Systems (HBSS) utilizing McAfee ePolicy Orchestrator.
Resolve interoperability problems to obtain operations across all platforms utilizing various data exchange and file transfer methods.
Preferred knowledge on how to configure systems to meet user requirements. Perform various tests to analyze network performance and document results. Provide technical support and troubleshooting to users. Maintain current knowledge of relevant computer hardware/software applications.
Risk Management Framework (RMF)/DIACAP Support:
Prepare and maintain accreditation documentation and artifacts in accordance with RMF policy for US Army and/or DoD programs on behalf of the Information Assurance Manager (IAM).
Assist the IAM performing Cybersecurity vulnerability alert monitoring issue resolution. Analyze the impact of potential vulnerabilities to network enclaves; and ensure MTC conformance with network security architecture and NIPRNET/SIPRNET policy.
As a trusted systems integrator for more than 50 years, General Dynamics Information Technology provides information technology (IT), systems engineering, professional services and simulation and training to customers in the defense, federal civilian government, health, homeland security, intelligence, state and local government and commercial NA approximately 32,000 professionals worldwide, the company delivers IT enterprise solutions, manages large-scale, mission-critical IT programs and provides mission support NA is an Equal Opportunity/Affirmative Action Employer - Minorities/Females/Protected Veterans/Individuals with Disabilities.