INFORMATION SECURITY SPECIALIST 3 (63194)
Information Systems - Security
USA-VA-Classified
Security Clearance: TS/SCI
Clearance Status: Must be Current
Schedule: Full Time
Type of Travel: None
Percent of Travel Required: None
Description
POSITION SUMMARY:
With a wide range of knowledge, performs independent assessment of the information security posture of an organization using applicable tools. Assesses information network threats such as computer viruses. Operates vulnerability assessment equipment in support of penetration analyses. Provides guidance to less experienced information security professionals. Prepares evaluation reports. Recommends remedial action.
Duties and Responsibilities:
Monitors security systems, and analyzes potential threats and vulnerabilities to client systems.
Develops new computer and network security systems, including both hardware and software.
Coordinates technical incident response and remediation activities for client environments.
Provides security analysis and consultation services for product, system and network architecture designs.
Develops tools for operational use and analyzes current threats to information security and systems.
Analyzes network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.
Launches and tracks investigations to resolution.
Composes and sends alert notifications.
Analyzes security findings and data.
Publishes reports and keeps metrics for client systems.
Identifies trends and root causes of system failures or vulnerabilities.
Maintains vendor and trusted partner relationships.
Ensures that the Information Systems Security department's policies, procedures, and practices as well as other systems user groups are in compliance.
Ensures that the physical environment of the computers and their terminals are properly secured.
Prepares documentation with review findings and remediation activities.
Prepares customer briefings to CIO office to present findings and delivers status reports.
Works with existing technical team and system administrators to improve monitoring tasks to gain efficiency.
DESIRED EXPERIENCE
Participation and knowledge of IT Audit Readiness (ITAR) initiatives, including familiarization with FISCAM, FISMA, OMB Circulars, and DoD regulations.
Prepares schedule for identification of ITAR tasks, and executing of tasks.
Prepares test plans and matrices, and advises Government on Corrective Actions. Prepares Corrective Action Plan (CAP), and actively works with the Gov't to ensure CAPs are being addressed and worked.
EDUCATION & EXPERIENCE:
Typically requires a bachelor's degree or equivalent and five to seven years of related experience.
Network, Security certifications are a plus. Candidate must be willing to become certified if not currently. Certifications may include: A+, SSCP, Network+, CISSP, CISA, SCNA, GSE, and Security +.
PHYSICAL DEMANDS:
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.
