Job Description

Position Summary:

The ideal candidate will have strong technical and cybersecurity experience using the Risk Management Framework (RMF) in a DoD environment. The candidate should have experience with creating and administering security compliance documents such as FIPS199 workbook, Contingency Plan, Contingency Plan Test, Security Plan, Security Controls Traceability Matrix, and Security Assessment Plan. The ideal candidate will have experience working with windows and Linux systems, and other legacy lab systems. The ideal candidate will also have experience with log analysis tools such as Splunk and traffic monitoring tools such as Wireshark. The candidate must have one of the DoD 8570.1M IAM Level I, Level II, or Level III certifications, listed below:

CAP

GSLC

Security+ CE

CASP

CISSP (or Associate)

CISM

GSLC

Provide information technology security services to the U.S. Army's Ground Vehicle Systems Center (GVSC) TDREN System pertaining to labs accreditation under Zone B. Provide security functions such as vulnerability management, traffic monitoring, log analysis, POAM management, security assessments, configuration management, incident response, and inventory management.  Using the Risk Management Framework, develop Assessment and Authorization (A&A) packages for information computer systems. Use NIST 800-53 Rev. 4 controls and create security compliance documents such as FIPS199 workbook, Contingency Plan, Contingency Plan Test, Security Plan, Security Controls Traceability Matrix, and Security Assessment Plan. Work efficiently with technical staff, security staff, and executives. The Information Systems Security Officer (ISSO) reports to the Information Systems Security Manager (ISSM) and the Information System Owner (ISO) of TDREN.

Under general supervision, responsible for moderately complex security issues including architectures, electronic data traffic, and network access. Applies current computer science technologies to the design, development, evaluation, and integration of computer systems and networks inside GVSC Labs to maintain data security. Conducts risk assessments and provides recommendations for accrediting GVSC Labs. Work efficiently with technical staff, security staff, and executives. 

Duties and Responsibilities:

• Develops, implements, enforces and communicates security policies or plans for data, software applications, hardware, telecommunications and information systems security within GVSC Labs in order to bring those labs under TDREN Zone B accreditation.
• Carries out phases of information systems/networks security program that involves access to computers and computerized data enabling labs to meet requirements for network security.
• Researches, evaluates, tests, recommends, communicates and implements new security software or devices within GVSC labs including physical security.
• Researches, evaluates, tests, recommends, communicates and implements new IT Technical solutions to help improve IT efficiency inside the labs including how to share data securely and network devices as needed.
• Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans.
• Conducts investigations of computer security violations and incidents, reporting as necessary to management. Identifies and recommends solutions to security exposures.
• Works with commercial computer product vendors in the design and evaluation of state-of-the-art secure operating systems, networks, and database products.
• Coordinates with project teams in system consolidation, information security software upgrades, and contingency management planning and execution.
• Responds to queries and requests for computer security information and reports. Draft security reports to regulatory agencies and to TDREN ISO as needed.
• Performs additional duties and responsibilities as assigned.

The candidate must be able to obtain and hold a SECRET clearance.

*CJ

#LI-CW1