ATSS is looking for an Information Systems Security Officer for a client in the Mobile, AL area.
GENERAL FUNCTION: Responsible for network security analysis, monitoring, and incident response, as well as maintenance and configuration of network security tools. Will work with the latest technologies to detect, analyze, and limit intrusions and security events. Responsible for the company’s enclave information assurance program. Reports directly to the Information System Security Manager.
TYPICAL DUTIES: The following statements are intended to describe the general nature and level of work being performed and are not to be construed as an exhaustive list of all responsibilities.
• Perform and maintain records of network security monitoring and incident response.
• Implement and assure that appropriate security controls are in place to safeguard business systems and Information Technology (IT) infrastructure in accordance with Defense Federal Acquisition Regulation Supplement 252.204-7012 and other similar U.S. Government regulations and requirements.
• Record and report security-related incidents as a member of the company’s Cybersecurity Incident Response Team.
• Prepare and review security-related documentation including systems security plans, risk assessment reports, and certification and accreditation packages.
• Create, monitor, analyze, modify, and update intrusion detection systems, intrusion prevention systems, and Security Information and Event Management (SIEM).
• Recognize potential successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
• Evaluate and deconstruct malware.
• Analyze large sets of data to discover indications of compromise.
• Assist with implementation of countermeasures or mitigating controls.
• Create and maintain cybersecurity-related standard operating procedures.
• Consolidate and conduct comprehensive analysis of threat data.
• Conduct continuous threat hunting activities on network assets.
• Participate in cybersecurity project planning activities.
• Participate in Red Team by playing the role of an enemy or competitor and provide security feedback from that perspective.
• Participate in Blue Team by performing analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and make certain all security measures will continue to be effective after implementation.
• Participate in Purple Team by collaborating with team members to improve cybersecurity.
• Conduct periodic Security Content Automation Protocol for the Security Technical Implementation Guide on systems as required under the National Industrial Security Program Operating Manual and other similar U.S. Government regulations and requirements.
• Complete required updates to assigned systems to assure compliance with security controls.
• Perform and document periodic internal, external, and wireless network penetration testing.
REQUIRED KNOWLEDGE, SKILLS & ABILITIES:
• Knowledge of local, State and Federal laws and regulations related to security controls.
• Advanced knowledge of National Institute of Standards and Technology (NIST) compliance guidelines, including NIST 800-171 and NIST 800-53.
• Proficient in MS Office applications including Word, Excel, Access, and PowerPoint.
• Knowledge of network and web-based security concepts.
• Knowledge of Institute of Electrical and Electronics Engineers 802.11 security concepts.
• Knowledge of operating systems including Windows, Linux, and Unix.
• Understanding of internet protocol suite.
• Knowledge of Social Engineering techniques and tactics.
• Knowledge of operations security controls.
• Ability to work, problem-solve and exercise independent judgement; interpret information and formulate actionable steps.
• Ability to communicate clearly and effectively, both verbally and in writing.
• Ability to establish and maintain effective working relationships with employees of all levels while maintaining a high level of confidentiality and diplomacy.
• Knowledge of standard practices related to data management, classification, and control.
• Ability to prioritize competing work assignments and initiatives to complete tasks.
• Willing to work rotating shifts.
EXPERIENCE & TRAINING: Bachelor’s degree in Computer Science or other related field or any equivalent combination of experience and training which results in the required knowledge, skills and abilities. At least 5 years’ Information Technology experience. At least 3 years’ experience in a cybersecurity role. Demonstrated experience with risk management framework within a classified environment. Experience using interpreted languages, such as Ruby and Python. Experience with vulnerability management tools, such as Nexpose and Nessus. Experience with cybersecurity automation tools and techniques. Experience with cybersecurity incident reporting. Experience with different IT infrastructure components, including SIEM, content filtering, virtual private network, firewalls, routers, load balancers, lightweight directory access protocol, virtualization, email systems, single sign-on, multifactor authentication, data loss prevention, anti-malware, and endpoint detection and response. Experience with cloud technologies including Microsoft Azure and Amazon Web Services (AWS). Experience with encryption techniques and technologies. DOD 8570.01 IAT II Level certification or higher: Azure AZ-900 Fundamentals, AWS Cloud Practitioner certification and Cybersecurity Maturity Model Certification preferred. Must be a US citizen and have an active Secret level U.S. Government Security Clearance.