Information System Security Officer - Sr Cybersecurity Analyst at SAIC

Pearl City, Hawaii, United States -

Full Time

Start Date

Immediate

Expiry Date

13 Feb, 26

Salary

0.0

Posted On

15 Nov, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Network Security Monitoring, Incident Response, Compliance Tracking, Vulnerability Management, Security Policies, Data Network Security, Intrusion Detection, Forensic Systems, Disaster Recovery, Authority to Operate, Physical Security, Vulnerability Scanners, Microsoft Office, Operating Systems, eMASS

Industry

Defense and Space Manufacturing

Description

SAIC is seeking qualified Cybersecurity Specialist (Information System Security Officer) for an Air Force TENCAP HOPE 2.0 contract at Joint Base Pearl Harbor Hickam, Hawaii. This position will support the delivery of local and distributed virtual and constructive training environments to US, allied, coalition military forces spanning the United States Indo-Pacific Command (USINDOPACOM) Area of Responsibility. The Cybersecurity Specialist will: · Perform network security monitoring and incident response. · Support the sustainment of the accredited cybersecurity posture of domain enclaves by actively tracking and maintaining each network’s cyber-vulnerability level and system compliance with applicable Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs). Report any deviations or shortfalls to the Information System Security Manager (ISSM) for action. · Support and assist with the STIG/SRG checklist process, tracking automated compliance scans and manual STIG checklists based on DISA releases. Validate results and track/report compliance of configuration changes based on CYBERCOM tasking orders or other DoW short-notice threat response notifications. · Maintain lists of active hosts on different networks and the corresponding basic inventory listings of software used to determine STIGs and/or SRGs that need to be applied. · Assist in researching configuration updates/changes and apply a “patch-and-test” approach to determine if a particular configuration update/change will have a detrimental effect on the processes and mission to decide on application in the operational environment. · Provide comprehensive cybersecurity support in support of Modeling and Simulation / Live, Virtual, and Constructive (M&S/LVC) information technology systems. · Provide comprehensive support to scan and remediate networks. · Provide comprehensive support to security monitoring and detection of unauthorized access. · Develop and execute Government approved security policies, plans, and procedures, implement data network security measures, operate and monitor network intrusion detection and forensic systems, conduct IS security incident handling, support Continuity of Operations Plan/Disaster Recovery (COOP/DR) plans, and perform certification of IS and networks. Provide technical support for Plan of Action and Mitigation process and remediation activities. · Provide comprehensive support to obtaining and maintaining Authority to Operate (ATO) accreditation for networks and systems. · Provide other related support including but not limited to: - Review system artifacts and documents for accuracy. - Conduct facility visits to observe the actual processes related to each Information Assurance (IA) control (technical, personnel, operational, or management). - Report security findings and issues associated with the RMF process to the appropriate Cybersecurity POCs. - Support and coordinate necessary documentation submissions for network and system Interconnection Security Agreements (ISAs), Authority to Connect (ATC), or other security agreements for both persistent and event-based interconnections. - Participate in meetings with system Information Assurance Security Officers (IASOs), Program Managers (PMs), Information System Security Managers (ISSMs) and their representatives, and other cybersecurity representatives of unit driven events or initiatives. During these meetings present issues and recommendations. Provide meeting reports that outline the discussion topics, problem areas, action items, and resolution recommendations. - Support system administration personnel with other related functions to include but not limited to implementation and sustainment of cybersecurity best practices in accordance with DoW and DISA directives to maximize confidentiality, integrity, and availability of the networks and training mission. - For scheduled and unscheduled cybersecurity posture audits, report observations, findings, and any corrective actions applied or recommended. Provide relevant metrics on results of audits, identifying trends and recommendations to reduce vulnerabilities and maintain or improve system security posture. Required Experience and Qualifications: · Bachelor's and nine (9) or relevant years of experience in lieu of degree. Must be a US Citizen, possess an active SECRET security clearance and be eligible to obtain a TS/SCI. · ISSO / ISSM Certifications, Education, or Training at the Intermediate or Advanced level, as specified in DoDM 8140.03 Cyberspace Workforce Qualification and Management Program and DoD Cyber Workforce Framework 722. Accepted certifications are: GMON, SecurityX/CASP+, CCISO, CCSP, CGRC/CAP, CISSO, Cloud+, GCSA, GSEC, Security+, SSCP, CISM, CISSP, CISSP-ISSMP, FITSP-M, GCIA, GCIH, GICSP, and GSLC. · Detailed understanding of DoW cybersecurity policies and procedures, including FIPS 199, FIPS 200, NIST 800-53, DHS 4300A SSH, and other applicable policies. · Comprehensive knowledge of Physical Security principles, methods, and techniques. · Proficient in operating and configuring ACAS, HBSS, and vulnerability scanners. · Proficient using MS Office including Word, PowerPoint, Excel, SharePoint, and Teams. Desired Experience and Qualifications: · Operating system certification (for example, Microsoft Certified Solutions Expert). · Microsoft Windows environment, UNIX, Linux, VMWare, VDI zero client architecture. · Microsoft Certified Solutions Craftsman: Server Infrastructure and/or Red Hat Certified System Administrator. · Experience with entering and reviewing eMASS artifacts. Salary · For extremely qualified candidates, salaries may exceed the target salary range given below.

Responsibilities

The Cybersecurity Specialist will perform network security monitoring and incident response while supporting the sustainment of the accredited cybersecurity posture of domain enclaves. They will also provide comprehensive cybersecurity support for Modeling and Simulation / Live, Virtual, and Constructive information technology systems.