Own your opportunity to work with the largest government agency in the nation. Make an impact by advancing the Department of Defense’s mission to keep our country safe and secure.
Job DescriptionInformation Systems Security Manager (ISSM) III
The ISSM's primary function will be to organize, install, and support government organization’s computer systems, including local area networks (LANs), wide area networks (WANs), network segments, intranets, and other data communication systems. This will also include helping architect, design and analyze network models. It will require participation in decisions about buying future hardware or software to upgrade organization’s infrastructure. This position might be called upon to provide technical support to computer users to help solve users’ problems. This position will support activities within Special Access Programs (SAPs) supporting Department of Defense (DoD) agencies, such as HQ Air Force, Office of the Secretary of Defense (OSD) and Military Compartments efforts. The position will provide “day-to-day” support for Collateral, Sensitive Compartmented Information (SCI) and Special Access Program (SAP) activities.
Performance shall include:
Able to perform self-sustaining and work with little to no oversightLead IT ops team on day to day management and operations of Networks and implement capabilities vetted through Cybersecurity, ISSE and higher headquarters to maintain JSIG/RMF Authority to Operate and maintain Continuous Monitoring tools and processesManage COTS & GOTS products to collect, display and remediate a variety of automated system security and system operations/performance functions and metrics.Assist during security assessments of servers/network devices/security appliancesAssist during security assessments with regard to accuracy and efficiencyAssist with Creation of operational Operations and Maintenance (O&M) checklists to maintain the service (daily, weekly, monthly, yearly O&M checklists); build Tactics, Techniques and Processes (TTPs) and Standard Operating Processes (SOPs) associated with service checklistsManage and operate monitoring tools/capabilities with the enterprise security information and event management (SIEM) and create/tailor complex event alarms/rules and summary reportsExecute cybersecurity operations procedures for day to day network management, operations and maintenanceMonitor/analyze output of cybersecurity related tools for reportable security incidents and residual riskAssist in analyzing technical risk, upon request, of emerging cybersecurity tools and processesWork as part of a security incident response team as neededAssist ISSM/ISSO/ISSE with the Integration/Development new techniques to improve Confidentiality, Integrity, and Availability for networks/systems operating at various classification levelsAdvanced technical competency in one or more of the following supported platforms: Microsoft Windows Server, Active Directory Red Hat Enterprise Linux servers, MS Hyper-V/VMWare/ESx/Xen Hypervisors, Enterprise networking/firewalls/intrusion detection/prevention systems, forensic analysis/vulnerability assessment, Group Policy management and configuration, Scripting, BMC Footprints, WSUS, , Lumension, Bitlocker, SQL Server 2012, TomCat, IIS, Windows Server 2012r2/2016, Win 10, Red Hat 6.5, Microsoft OfficeToolkits, SEIMs, Logrhythm, ACAS/Nessus/SCAP, mandatory/role-based access control concepts (e. g. SE Linux extensions to RHEL, PitBull, AppArmor, and Sentris) , video teleconferencing/VOIP, Oracle/MS SQL database security, and Apache/IIS Web server securityExperience:
8+ years related experienceEducation:
Bachelor’s degree in a related area or equivalent experience (4 years)Certifications:
Must meet position and certification requirements outlined in DoD Directive 8570.01-M for Information Assurance Technician Level III within 6 months of the date of hireSecurity Clearance:
Current Top Secret Clearance with SCI EligibilityEligibility for access to Special Access Program InformationWillingness to submit to a Counterintelligence polygraphOther Requirements:
Thorough knowledge of Microsoft Windows desktop and server operating systems, Microsoft Exchange Server, and as needed RHEL operating systems administration and associated hardwareExperience in effective communication and collaborating in a high performance team environment.Group Policy design and configurationWorking knowledge of CISCO network and switching and virtualization technologiesWorking knowledge of virtualization as it applies to users environments, operating systems, and network appliancesWorking knowledge of Local Area Network (LAN) and Wide Area Network (WAN) technologies and data backup technologiesWorking knowledge communication security (COMSEC) policies and integrationWorking knowledge of Risk Management Framework, Common Criteria, and System Security Policy as they relate to assessments and authorizationWorking knowledge and current relevant experience with PL2, PL3, and PL4 network environments/systemsWorking knowledge of WSUS and/or YUM patch deployment methodologiesMust be familiar with DoD policy as it applies to implementing and executing system and network administrationWorking knowledge of Risk Management Framework and how to apply it to network/information system environmentsMust be able to regularly lift up to 50 lbs.#AirforceSAPOpportunities