Trace Systems

Returning Candidate?

Network Vulnerability Engineer

Network Vulnerability Engineer

Job ID 
2017-2128
# of Openings 
1
Job Locations 
US-DC-Washington
Posted Date 
11/27/2017
Category 
..

More information about this job

Overview

Trace Systems, headquartered in Vienna, Virginia, was founded in 1999 to support and defend our nation's security interests at home and abroad–– whenever and wherever. We provide cybersecurity, intelligence, communications, networking and information technology services, systems, and solutions to the United States Department of Defense, Intelligence Community and Department of Homeland Security.

 

Job Title:  Network Vulnerability Engineer

 

Job Location:  DC Metro

 

Security Clearance:  Minimum interim TS.  Must meet IT-1 requirements.

 

Job Responsibilities

  • Fully coordinate with the Information System Security Manager (ISSM) and Facility Security Officer (FSO) to ensure collaboration across security disciplines. 
  • Development of all Assessment and Authorization artifacts (SSPs, System Profiles, SSP attachments, POA&M, testing documentation, etc.) Information Assurance sustainment activities (hardware change management, software change management, account management, media protection, user interface, file transfers, etc.) Information System Self Inspection, Auditing, and Continuous Monitoring.  
  • Interfacing with Internal/External Customers: DoD Customers, Program Managers/Directors, IT, etc. Provides IA Training and Awareness.  Incident response, investigation, and resolution.  Development, maintenance, and execution of effective, well written, and customer compliant IA policies and procedures.  
  • Provide expertise to resolve computer security incidents and vulnerability compliance. 
  • Recommend best business practices and secure methodologies where required to maintain and/or improve the security posture of Information Systems (IS), the network, and remedy deficiencies.
  • Verify Enterprise compliance through the following activities:  analysis of CCRI/SAV/ACAS results and POA&Ms; evaluation of mitigation efforts; identification of gaps; providing recommendations to address security deficiencies; tracking of POA&Ms to completion using Government provided tool; reporting of results and recommendations to senior leadership; and providing cybersecurity support for certification and accreditation. 
  • Recommend best business practices and secure methodologies where required to maintain or improve the security posture of Information Systems (IS) and the network and mitigate vulnerabilities. 
  • Verify compliance of all network devices with DISA Security Technical Implement Guides (STIG’s) using Gov't provided tracking tool (reported as part of Site Compliance Report).  Provide expertise in assessing, documenting and reporting vulnerabilities due to evolving technologies (e.g. complexity of networks and systems, overlapping areas of responsibilities of complex networks, threat modeling). 
  • Provide security engineering services with recommendations throughout project lifecycles from inception of projects through initial and follow on accreditation. 
  • Provide technical expertise in implementing, applying, executing, and enforcing RMF standards, STIG or successor program standards. 
  • Provide input to the Risk Management Framework (RMF) process activities and related documentation (e.g., system lifecycle support plans, concept of operations, operational procedures, and maintenance training materials). 
  • Provide analysis and reports in support of the Compliance Assessment Program and DoD Risk Management Framework, which provides a comprehensive and quality security review and guidance throughout the lifecycle of networks. 
  • Provide technical support for the review of internal processes, such as incident reporting and trouble ticket handling; recommend and document process improvements. 
  • Support the government in reviewing, verifying, and reporting findings for privileged level account requests utilizing ARAMP and ATCT. 
  • Audit, Review, coordinate, document, and provide recommendations for DoD and Army Ports, Protocols, and Services Management (PPSM) requests. 
  • Identify deviations from approved configurations within eMASS and document them. 
  • Collect, compile and report Information Assurance Vulnerability Management (IAVM) for unclassified and classified networks, devices and systems. 
  • Track site application of security patches for commercial products integrated into system design to meet the timelines dictated by the management authority for the intended operational environment and ensure compliance.

Minimum Qualifications

  • Minimum 10 years of experience with Information Assurance programs for DOD networks.  Minimum 3 years of experience with Enterprise Missions Assurance Support Service (eMASS), Assured Compliance Assessment Solution (ACAS), Continuous Monitoring and Risk Scoring (CMRS), and/or Ports / Protocols / Services Management Registry (PPSM).
  • Must understand ACAS and Retina scanning.  Understanding of multiple technology types (Windows, UNIX, networking). 
  • Wireless / Mobility / Handheld / “BES”.  Must understand Windows SA and smartphone configurations.  BES(Blackberry)/Good Server, handheld policies.
  • Experience and skill in evaluating and designing countermeasures to identified security risks, in designing security controls based on Information Assurance (IA) principles and tenets, in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes, in developing and applying security system access controls and in evaluating the adequacy of security designs.
  • Experience with cyber security projects and programs for U.S. Government and/or commercial clients.
  • Must have hands-on technical experience as an individual contributor with documentation skills and experience in the following areas: Linux systems administration, Security COTS integration, Compliance scanning/vulnerability scanning, Operating System hardening, Network component hardening
  • Experience assessing and validating robustness of security systems and designs, require skill sets to design countermeasures to identified security risks, designing security controls based on IA principles and tenets, determining how a security system should work (including its resilience and dependability capabilities), and how changes in conditions, operations, or the environment will affect these outcomes.
  • Experience with auditing and evaluating the adequacy and accuracy of security designs. Basic Qualifications: (Measurable/ required - functional skills, certifications, education etc.
    Demonstrated ability to employ best business practices and secure methodologies to maintain and/or improve security posture of Information Systems, the network, and remedy deficiencies.
  • Experience verifying Enterprise compliance through analysis of CCRI/SAV/ACAS results, POA&M tracking, and analysis of mitigation efforts; report results, provide recommendations and risk assessment to senior leadership,
  • Experience resolving computer security incidents and vulnerability compliance, assessing vulnerabilities due to evolving technologies, and security engineering services with recommendations throughout project lifecycles,
  • Able to provide recommendations for DoD and Army Ports, Protocols, and Services Management (PPSM) requests to the Government.
  • CND experience (Protect, Detect, Respond and Sustain) within a Computer Incident Response organization.
  • Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
  • Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
  • Experience and skill in evaluating and designing countermeasures to identified security risks, in designing security controls based on Information Assurance (IA) principles and tenets, in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes, in developing and applying security system access controls and in evaluating the adequacy of security designs.
  • Experience assessing and validating robustness of security systems and designs, require skill sets to design countermeasures to identified security risks, designing security controls based on IA principles and tenets, determining how a security system should work (including its resilience and dependability capabilities), and how changes in conditions, operations, or the environment will affect these outcomes.
  • Experience with auditing and evaluating the adequacy and accuracy of security designs
  • Required certifications:DOD 8570 IAT-III compliant (SANS GIAC/GCIA/GCIH, CISSP or CASP and/or SIEM-specific training and certification),ACAS training

Desired Qualifications

  • Experience applying ITIL, Capability Maturity Model Integration (CMMI), and ISO 2000 and 27001 processes for service performance and project management to ensure the defense and protection of all government and DOD information systems, application systems, standalone systems, and applications.

Security Clearance

  • Minimum interim TS.  Must meet IT-1 requirements.

To Apply: We invite you to put your talents to work by joining a growing team of dynamic professionals here at Trace Systems! Be part of a culture at our leading edge company where you can achieve great things while fostering a satisfying and rewarding career progression. Please apply directly through the website at: www.tracesystems.com.      #jointracesystems

 

For any additional questions or to submit any referrals, please contact dclement@tracesystems.com

Trace Systems is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

 

Connect With Us!

Not ready to apply? Connect with us for general consideration.