This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

God Enriches | Local jobs for the people of Arizona

To post a job, login or create an account |  Post a Job

Security Engineer

General Dynamics Information Technology

This is a Contract position in Cochise County, AZ posted September 21, 2020.

Type of Requisition Regular Clearance Level Must Currently Possess Secret Clearance Level Must Be Able to Obtain Secret Suitability No Suitability Required Public TrustOther Required None Job Family Information Security Job Description bull Provide Cyber Security Engineering (CE) services to the USAISEC, MED located at Fort Huachuca, AZ. This effort will consist of CE support to multiple customers such as Department of the Army Program Executive OfficesProgram Management Offices, USACE, USARPAC, HFPA, and other agencies such as the DoD, DHS, MDA, and DoE bull Conduct baseline level system administration and maintenance on the workstations, servers, and network devices that comprise the EEDRS system enclave in both a physical and virtualized environment. This includes creating a new approved baseline, making any changes necessary to meet the current Security Configuration Guide (SCG), and applying patches as required to comply with the current Information Assurance Vulnerability Management (IAVM) program. Microsoft Structured Query Language (SQL) Server expertise is required. bull Review vendor-released updates and patches, determine applicability, and update workstations and servers as necessary. Test the applications on the workstations and servers after applying any patches or upgrades to verify that functionality of the systems has not been affected. bull Update the RMF documentation and artifacts based on any system changes to ensure that the RMF package is accurate and up to date. bull Ensure the entries in the eMASS remain current and are up-to-date. bull Maintain the EEDRS Cyber Security posture and determine if system changes affect the validity of its authorization bull Conduct automated scans for Information Assurance Vulnerability Alerts (IAVA), analyze the results of the scans, check for compliancy status, and document the findings bull Perform monthly full backups of each workstation and server in the enclave using the most current and approved method for conducting backups. bull Perform quarterly security reviews using available DISA STIGs to determine applicability and compliance to the EEDRS operating systems, applications, hosts, networking devices, and document the reviewaposs results in a STIG Compliance Report Manual checks will be performed for systems that cannot be checked with an automated tool. bull Assess the suitability of any IT being considered for inclusion as trusted components of supported systems. bull Perform annual Security Control Self-Assessment activities. bull Perform SCA-O activities if the systems being supported are designated as Stand-Alone Information Systems (SIS) or as Closed Restricted Networks (CRNs). bull Provide technical insight and regulatory guidance in the areas of CE Cyber Security requirements Planning, Oversight, and Execution of the DoD RMF processes. This includes any Cyber Security input needed for systems engineering specifications, plans, and designs that are incorporating security controls and requirements bull Participate in weekly, biweekly, and monthly meetings such as the Engineering Review Board (ERB), Technical Reviews (TR), System Registration Reviews (SSR), and Integrated Product Team meetings (IPT). bull Provide operational security support to ensure that the system owner has all necessary Cyber Security processes developed, implemented, and documented bull Provide security incident tracking support. This includes recommending courses of action, providing the necessary support to an intrusion incident, and analyzing real-time or historical intrusion audit data bull Evaluate and then update or develop the supported organization’s Cyber Security documentation and artifacts. This can include security concepts of operations, detailed security plans, allocation of component and sub-system security requirements, and Cyber Security Standard Operating Procedures bull Conduct and document vulnerability and risk assessments, making recommendations for eliminating or mitigating deficiencies. bull Provide Cyber Security configuration and implementation for supported systems. This will ensure systems and components are configured securely and in highest as possible compliance with STIGs, SCGs and other applicable authoritative security configuration guidance. All non-compliant settings must be fully documented and mitigated as much as possible. Strong working knowledge of various security technologies, architecture, networking, engineering and administration bull Have the ability to speak and write, conveying complex ideas, with ease and concisely in support of briefings, writings, or oral presentations. Must have CISSP or CASP. Must have a completed Secret-level security clearance (no interim) Must have a Computing Environment Cert. P referred certifications include MCSEMCDBA but will consider others Other helpful skills MS SQL, VMWare, ACAS, WSUS, SCCM, routingswitching Prefer Bacheloraposs degree or equivalent experience 5 years of related experience in data security administration. Scheduled Weekly Hours 40 Travel Required Less than 10 T elecommuting Options Telecommuting Not Allowed Work Location USA AZ Fort Huachuca Additional Work Locations We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.GDIT is an Equal OpportunityAffirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.