Information Systems Security Officer in Warren, MI at Alion Science and Technology

Date Posted: 11/9/2019

Job Snapshot

Job Description

Position Summary:

Provide information technology security services to the U.S. Army's Ground Vehicle Systems Center (GVSC).  Provide security functions such as vulnerability management, traffic monitoring, log analysis, POAM management, eMASS management, security assessments, configuration management, incident response, and inventory management.  Using the Risk Management Framework, develop Assessment and Authorization (A&A) packages for information computer systems.  Use NIST 800-53 Rev. 4 controls and create security compliance documents such as FIPS199 workbook, Contingency Plan, Contingency Plan Test, Security Plan, Security Controls Traceability Matrix, and Security Assessment Plan.  Work efficiently with technical staff, security staff, and executives.

Under general supervision, responsible for moderately complex security issues including architectures, electronic data traffic, and network access. Applies current computer science technologies to the design, development, evaluation, and integration of computer systems and networks to maintain data security. Conducts risk assessments and provides recommendations for application design.

Duties and Responsibilities:

Develops, implements, enforces and communicates security policies or plans for data, software applications, hardware, telecommunications and information systems security education/awareness programs.

Carries out phases of information systems/networks security program that involves access to computers and computerized data enabling company to meet contractual requirements for network security.

Researches, evaluates, tests, recommends, communicates and implements new security software or devices.

Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans.

Conducts investigations of computer security violations and incidents, reporting as necessary to management. Identifies and recommends solutions to security exposures.

Develops, tests, and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools.

Works with commercial computer product vendors in the design and evaluation of state-of-the-art secure operating systems, networks, and database products.

Coordinates with project teams in system consolidation, information security software upgrades, and contingency management planning and execution.

Responds to queries and requests for computer security information and reports. May draft security reports to regulatory agencies such as Departments of Defense or Energy.

Qualifications

The ideal candidate will have experience using the Risk Management Framework (RMF) in a DoD environment to develop Assessment and Authorization (A&A) packages for information computer systems. The ideal candidate will have proficiency using NIST 800-53 Rev. 4 controls, and experience creating and administering security compliance documents such as FIPS199 workbook, Contingency Plan, Contingency Plan Test, Security Plan, Security Controls Traceability Matrix, and Security Assessment Plan. The ideal candidate will have experience working with Linux systems, notably Red Hat Enterprise Linux (RHEL). The ideal candidate will also have experience with log analysis tools such as Splunk and traffic monitoring tools such as Wireshark.

As a condition of employment, the candidate must have one of the DoD 8570.1M IAM Level I, Level II, or Level III certifications, listed below:

CAP

GSLC

Security+ CE

CASP

CISSP (or Associate)

CISM

GSLC

Education 

Bachelor's degree in related discipline plus 3 to 5 years of directly related experience. Master's degree preferred.

In some cases, educational requirements may be adjusted or waived for more than 7 years applicable work experience. Work experience may be adjusted for highly specialized knowledge or uniquely applicable experience for positions involving new technology or labor market shortages as reflected by market survey data.

Knowledge, Skills, Abilities:

Familiar with Information Assurance Policies and Procedures, including the RMF process.

The candidate must be able to obtain and hold a SECRET clearance.

Next Steps

Next Steps

JOIN OUR TALENT NETWORK

Join the Alion Talent Network today and stay up-to-date on our openings as they continue to become available! As a member of our network, you will receive alerts with new job opportunities that match your interests and have the ability to share job opportunities through social media or email. Join now!

Whether you choose to apply or just leave your information, we look forward to staying connected with you.