Decisive Analytics

Computer Security System Engineer (IA)

US-VA-Quantico
ID
2017-2234
Security Clearance Requirements
Top Secret SCI

Overview

DECISIVE ANALYTICS Corporation’s Analytical Technologies Sector is looking for an Computer Security Systems Engineer to support the United States Marine Corps’ Intelligence, Surveillance, and Reconnaissance – Enterprise mission.  This individual would provide direct support to the Intelligence Technology Division (ITD) and Marine Corps Intelligence Activity (MCIA) organization in support of the Marine Corps ISR Enterprise (MCISRE) for Information Store (iSToRE) and the MCISRE Knowledge Gateway (MKG) efforts.

Responsibilities

  • Stay current with latest DoD, Navy, and Marine Corps IA doctrine
  • Prepare documentation such as Risk Assessment Report (RAR), System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&Ms) to ensure compliance with government security policies and procedures
  • Assist the Government to generate and maintain security documentation for system hardware and software, to include System Security Plans, equipment lists, practices, and procedures
  • Assess the performance of IA security controls within the IT infrastructure
  • Identify IA vulnerabilities resulting from a departure from approved procedures and plans
  • Evaluate potential IA security risks and take appropriate corrective, mitigation, and recovery actions
  • Oversee that applicable patches are implemented, including IA vulnerability alerts (IAVA), IA vulnerability bulletins (IAVB), technical advisories (TA), and OPDIRs
  • Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements
  • Perform system audits to assess security related factors within the IT infrastructure
  • Review response actions to security incidents
  • Maintain a repository for all system accreditation/certification and personnel documentation
  • Should include the ability to identify and analyze security requirements to recommend upgrades, patches, new applications, necessary equipment, and technical support and guidance to users
  • Responsible for ensuring the appropriate operational IA posture is maintained for a system or enclave
  • Support and assist in the development of system security packages based on current doctrine
  • Conduct technical self-assessments and independent verification and validation (IV&V) assessments aligned with Marine Corps policy. Applicable testing includes but not limited to; DoD approved automated tools (Kali Linux, ACAS, Wireshark, nMap), security readiness reviews, Security Technical Implementation Guidance (STIGs) and manual security checklists
  • Apply Common Vulnerability Scoring System (CVSS) ratings and other applicable guidance in communicating characteristics and impacts of vulnerabilities to key stakeholders
  • Conduct repeatable and accurate testing techniques within the appropriate system classification levels and in accordance with applicable DISA, NSA, DIA and Marine Corps guidance
  • Conduct security impact analysis
  • Develop custom tools and attack scripts for vulnerability exploitation
  • Conduct remote triage, debugging and analysis
  • Conduct a comprehensive technical review and examination of all system baseline changes to include development of test procedures, testing of proposed changes, implementation of changes and system operations
  • Provide input into the security design and architecture of all MCIA IT systems by implementing system security mechanisms and providing cybersecurity guidance
  • Conduct an evaluation of the system architectures and identify whether or not security engineering and principles are embedded throughout the system
  • Support the installation of new or modified hardware, operating systems, and software applications ensuring integration with cybersecurity requirements for the systems
  • Apply group policies changes, STIGs and any other security protection mechanisms
  • Conduct cybersecurity protection, detection, response and recovery actions to quickly resolve or mitigate emergent cybersecurity threats, unauthorized activity and vulnerabilities for all IT systems
  • Conduct system administration duties of CND tools to include application and operating system (HBSS, SPLUNK, Websense, Forensics Tool Kit (FTK) or EnCase, ACAS)
  • Conduct Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) monitoring, analysis and reporting (HBSS/HIPS/etc)
  • Conduct incident handling and reporting
  • Conduct impact assessment matrix IAW applicable incident response policy. Implement vulnerability countermeasures on all IT systems/networks
  • Conduct investigations and correction of security problems. Review, analyze and respond to operation orders (OPDRs) or similar command authority orders and directives IAW MCIA Cybersecurity Division’s guidance
  • Establish and coordinate enterprise governance and compliancy regarding spillages and investigations. Collect, analyze and retain audit data to support technical analysis relating to misuse, penetration reconstruction and/or other investigations
  • Conduct audit log review IAW policy and procedure

Qualifications

  • Capable of working with frequent interruptions and changing priorities
  • Effective communication skills, written, verbal and interpersonal
  • Proficient time management, organizational skills and ability to meet established deadlines
  • Understanding and experience working in an enterprise computing environments, distributed applications, and a strong understanding of Networks
  • Strong project management skills
  • Proven experience and detailed technical knowledge in security engineering, system and network security, authentication and security protocols, cryptography, and application security
  • Shall meet DOD 8570 requirements for IAT II
  • Certs Required: CISSP (Or CASP CE, CCNP Security, GCED, GCIH)
  • Bachelor’s Degree (+7 years’ experience), Associate’s Degree (+10 years’ experience), or High School Diploma (+12 years’ experience)
  • Must be familiar with the Risk Management Framework (RFM) process

Security Clearance: Possess a Top Secret/SCI clearance

EEO statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status or disability.

VEVRAA Federal Contractor

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

If you are not ready to apply or do not see a position of interest, click the 'Connect With Us' link to:

* Sign up for job alerts that align with your interests (based on the criteria you set)
* Be visible for future opportunities in a function or location that best suits your background and desires
* Receive updates from our organization