Company Overview
Looking for a rewarding and challenging career with a dynamic, growing organization? ByLight LLC. , has an immediate need for an Information System Security Officer / Privacy Analyst to support an important government customer in Washington, DC.
Position Overview
Support the security assessment of globally-deployed departmental systems through hands-on execution of customer-supplied tools and best-practice techniques, including manual verification scans against defined component baselines. Determine the security and configuration status of a variety of system components including Linux and Windows operating systems; system support components; and VMWare implementations. Support the customer through systems/network monitoring via iPost and other department approved and sanctioned tools under the continuous monitoring task and the Heads-Up certification phase of the customer
Responsibilities
- Support the customer through systems/network monitoring via iPost and other department approved and sanctioned tools under the continuous monitoring task and incident monitoring of devices within the customer's environment to ensure current policies are upheld.
- Providing guidance and strategies so that the customer functions in accordance with Federal Information Security Management Act (FISMA) and information assurance requirements, as well as agency and other organizational policies, guidelines and procedures.
- Monitoring the customer's information technology architecture to ensure an adequate information system security infrastructure is in place to meet day-to-day security requirements.
- Ensure that information systems are operated within an acceptable level of risk and are configured properly.
- Ensuring that all information systems security related incidents and violations are immediately reported, data is collected, investigation is coordinated, and corrective measures are implemented.
- Provide monitoring and analysis of potential security risks at customer sites (both government and contractor) through the effective monitoring and analysis of security threats, recommending corrective actions through impact assessments and on-going support.
- Provide on-going security support in the areas of software and administrative support to the customer, including providing detailed security briefings on a regular basis.
- Assist the systems security office in the effective analysis, operation, maintenance, documentation, training and ongoing support of security systems.
- Write and update various SOP's and scripts as needed to affect proper security procedures are current in an ever-changing environment.
- Providing support to system administrators to ensure systems are reporting properly and through the monitoring of all systems on the network and by reviewing and providing analysis of security logs, systems logs and ensuring all security compliance is maintained
- Ensuring and monitoring that all the customer's systems are compliant with the Department's Anti-Virus program.
- Monitor and push for remediation for system not getting definitions updates.
Required Experience/Qualifications
- Must have at least 3 years of specialized Information Security experience with a Associate's Degree in related field.
- DOD 8570 IAT Level II certification (or better)
- 3+ years of enterprise Linux and Windows Server security configuration familiarity.
- Working knowledge of various assessment tools including Tenable Nessus or Splunk, Zabbix, HP Webinspect, AppDetective, nmap, and related NOC, SOC, operations, data center or similarexperience acquired with 1+ year of NOC, SOC, operations, data center, configurations management or similar security related experience.
- 2+ years of using the NIST 800-53a RMF to conduct A&A assessments.
Preferred Experience/Qualifications
- Must be Comfortable presenting to all levels of staff and creating presentations.
- Ability to develop/use custom scripts (bash and Windows Powershell or equivalent)
- Prior Department of State experience Application security principles and experience NOC, SOC, operations, data center or similar experience with lesser Degree
- Required/Equivalent Experience w/o degree: 5 years of experience w/ Certification Requirements: CASP, CISSP, CISA or related certifications
Special Requirements/Security Clearance
Physical Demands
Must be able to lift 15 Lbs.
If working from home you must have reliable Internet and a place in your home to attend meetings with minimal background noise.