This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
H2 Performance Consulting - Charleston, SC
posted 3 days ago
About the position
H2 Performance Consulting (H2) is seeking a Information System Security Specialist III to support the Naval Info Warfare Center Atlantic's Data Center and Cloud Hosting Services and Enterprise Systems. The Information System Security Specialist III responsibilities will include developing, implementing, and maintaining the organization's cybersecurity policies and procedures, overseeing the Risk Management Framework (RMF) process, conducting security assessments, vulnerability scans, and STIG (Security Technical Implementation Guide) reviews, managing endpoint security solutions, and monitoring and responding to security incidents.
Responsibilities
- Develop, implement, and maintain the organization's cybersecurity policies and procedures.
- Oversee the Risk Management Framework (RMF) process, ensuring compliance with federal and organizational standards.
- Conduct security assessments, vulnerability scans, and STIG (Security Technical Implementation Guide) reviews.
- Manage endpoint security solutions and oversee patch management to ensure systems are up-to-date and protected.
- Collaborate with IT and cybersecurity teams to identify and address security risks and vulnerabilities.
- Monitor and respond to security incidents, providing detailed analysis and reporting.
- Maintain documentation related to security policies, procedures, and compliance activities.
- Ensure continuous improvement of cybersecurity practices and tools.
- Implement DoD security requirements, including the deployment of software patches/updates, BIOS and firmware updates, Computer Tasking Orders (CTO), Information Assurance Vulnerability Alerts (IAVA), Public Key Infrastructure (PKI), Data at Rest (DAR) and encryption.
- Evaluate and/or recommend purchase of computers, peripheral hardware, and software.
- Maintain confidentiality regarding the information being processed, stored, and accessed on the network.
- Establish, maintain, and document host connections to the NHRC network.
- Troubleshoot network access problems and implement network security policies and procedures.
- Ensure network security access and protect against unauthorized access, modification or destruction of network components and stored data.
- Perform Information System Security Officer (ISSO) duties to include vulnerability mitigation, patch management and compliance reporting using enterprise cybersecurity tools.
- Responsible for network infrastructure such as installing, configuring, managing, troubleshooting and operating to include but not limited to: Software defined networking, Cloud networking services, Cisco switches, routers and firewalls, Citrix NetScaler appliances, F5 Network Appliances, and Uplogix Local Managers.
Requirements
- Minimum SECRET clearance.
- Bachelor's degree in a technical or managerial related discipline or High School Diploma or GED.
- At least one (1) of the following: CompTIA Security+ or CompTIA Advanced Security Practitioner (CASP) or Certified Information System Security Professional (CISSP).
- At least one (1) of the following: complete a vendor/platform specific certification such as: CISCO Certified Network Associate (CCNA) or CISCO Certified Network Professional (CCNP).
- Five (5) years with Bachelor's degree or seven (7) years with HS/GED of practical experience demonstrating competency in Cybersecurity, Engineering, Test & Evaluation (T&E) or Assessment & Authorization (A&A)/ Certification & Accreditation (C&A) related field as they pertain to Cisco networks.
- Familiarity with security policies & guidance documents to assist with the preparation and maintenance of process artifacts, traceability documents purposed for compliance with Authority to Operate (ATO) requirements.
Nice-to-haves
- Certification as Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level II or III (position-based).
- Demonstrated working knowledge of the Risk Management Framework (RMF) process.
- Experience assisting or developing system security policy and ensuring compliance of change management and configuration control processes.
