The candidate will provide automated and manual validations of Information Assurance Controls (IACs) and Validation Procedures (VPs) in accordance with the DoD Guidelines, CNSSI 1253 and/or NIST 800-Publications. Perform checks of systems and applications for IA vulnerabilities using approved automated IA tools (ACAS, SCAP-compliant scanners, DISA STIG Viwer, etc.), custom scripts and manually (Security Technical Implementation Guides [STIGS]). Document raw findings in a quicklook report, for customer notification. Create and maintain system Plan of Action and Milestones (POA&M). Complete required documentation and upload data into MCCAST online repository. Apply principles of Information Security, Defense-in-Depth, and Information Assurance Business Best Practices (BBP) to mitigate the level of risk. Provide recommendations for corrective actions and mitigation strategies. Perform self-assessments and Independent Verification & Validation (IV&V) for DoD and other federal agencies.
Must be a US citizen, able to obtain a DoD Secret clearance or higher, must have a DoD 8570.1-M IAT Level II certification prior to hire. High School Diploma; advanced training. Experience administering or configuring Window Severs/ VMware EXSI/ Database (SQL, Oracle)/Web (IIS,Apache)/ SharePoint/ Linux/Unix/Solaris/ Cisco Network gear (Switches, Routers, ASA, etc.) F5/Palo Alto/ Brocade Devices /SANS-NAS. Experience using DoD approved tools (ACAS, SCAP-compliant scanners, etc.).
This position requires a Secret US DoD security clearance.
BS in Computer Science, IT, Engineering, or related field. Fully Qualified Marine Corps Validator and/or Fully Qualified Navy Validator (FQNV), VMware/ Database (SQL, Oracle)/Web (IIS,Apache) Linux/Unix/Solaris experience. CISSP, CISA, CISM, GCIH, CCNA, RHCA strongly preferred.