Information Security Engineer Leader- Interme Job in Washington, District Of Columbia US

Information Security Engineer Leader- Interme

Job Description

Job Title: Information Security Engineer Leader- Intermediate (US CERTS)
Requisition ID: 1100OXF
Job Category: Information Security Engineer 6
Primary Location: USA-DC: DISTRICT OF COLUMBIA-WASHINGTON
Schedule: Full-time
Job Type: Regular
Employee Status: Regular
Job Posting: 2011-Dec-19

Description

90. Intermediate Information Assurance (IA) Analyst. Under general technical supervision, performs network monitoring, analysis and reporting in accordance with the provisions of DoD Directive 8570.01-M. These skills and their associated duties may include the following:

a. Intrusion: Examines potential security violations, incidents, malicious activity and attacks to determine if policy has been breached, assesses the impact, and preserves artifacts. Enters and tracks events and incidents. Supports incident escalation and assesses probable damages, identifies damage control and remediation, and assists in developing courses of action. Supervises the installation, monitoring, testing, troubleshooting, and administration of IA hardware and software systems. Recommends, schedules, and performs IA system repairs, systems administration, and maintenance. Analyzes patterns of noncompliance or attacks and recommends appropriate actions to minimize security risks and insider threat. Configures, optimizes, and tests network devices. Diagnoses and resolves IA problems in response to reported incidents. Enhances rule sets to identify or block sources or potential sources of malicious traffic. Supports the design and execution of exercise scenarios.

b. Specialist: Implements and monitors policies and procedures reflecting the legislative intent of applicable laws and regulations. Prepares, distributes, and maintains plans, instructions, guidance, and standard operational procedures concerning Information Security. Participates in IA risk assessments during the CA process. Prepares, reviews, and evaluates documentation of compliance.
Prepares recommendations for the DAA. Reviews IA and IA enabled software, hardware, and firmware for compliance with appropriate security configuration guidelines, policies, and procedures. Reviews AI security plans. Identifies alternative functional IA security strategies to address organizational security concerns. Reviews security safeguards to determine that security concerns identified in approved policies, plans, and doctrine have been fully addressed. Develops and implements programs to ensure that systems, network, and data users are aware of, understand, and follow IA policies and procedures.

Essential Job Functions

Provides engineering analysis, design and support for firewalls, routers, networks and operating systems. Performs vulnerability scans using vendor utility tools. Monitors security audit and intrusion detection system logs for system and network anomalies. Monitors user access process to ensure operational integrity of the system. Enforces the information security configuration and maintains system for issuing, protecting, changing and revoking passwords. Develops technical and programmatic assessments, evaluates engineering and integration initiatives and provides technical support to assess security policies, standards and guidelines. Implements, enforces and communicates security policies and/or plans for data, software applications, hardware and telecommunications. Performs product evaluations, recommends and implements products/services for network security. Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies. Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools. Reviews and recommends the installation, modification or replacement of hardware or software components and any configuration change(s) that affects security.
Provides enforcement of security directives, orders, standards, plans and procedures at server sites. Ensures system support personnel receive/maintain security awareness and training. Maintains data and communicates to management the impact on business/customer caused by theft, destruction, alteration or denial of access to information. Security, equivalent or higher 8570 certification (e.g. if they have a CISSP, this is higher than the Security preferred). Must be able to maintain/obtain a TS clearance.

Qualifications

Bachelor's degree or equivalent combination of education and experience
Bachelor's degree in computer science or related field preferred
Seven or more years of experience in network, host, data and/or application security in multiple operating system environments
Experience working with IP networking, networking protocols and understanding of security related technologies including encryption, IPsec, PKI, VPNs, firewalls, proxy services, DNS, electronic mail and access-lists
Experience working with internet, web, application and network security techniques
Experience working with relevant operating system security (Windows, Solaris, Linux, etc.)
Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
Experience working with federal regulations related to information security (FISMA, Computer Security Act, etc.)
Experience working with NIST Special Publications and C A process methodology
Possess security certifications (CISSP, CCNA, etc.) and/or top secret security clearance

Other Qualifications

Good communication skills
Strong analytical and problem solving skills to troubleshoot and resolve network/operating system security issues
Ability to perform and interpret vulnerability assessments
Ability to administer the operations of a security infrastructure
Ability to balance and prioritize work need to maintained to stay in the position.

Remote Work Authorized: No
Relocation Assistance: Not Available
Clearance Level: Top Secret