This job is closed
We regret to inform you that the job you were interested in has been closed. Although this specific position is no longer available, we encourage you to continue exploring other opportunities on our job board.
H2 Performance Consulting - Charleston, SC
posted 3 days ago
About the position
H2 Performance Consulting (H2) is seeking an Information System Security Specialist III to support the Naval Info Warfare Center Atlantic's Data Center and Cloud Hosting Services and Enterprise Systems. The Information System Security Specialist III responsibilities will include developing, implementing, and maintaining the organization's cybersecurity policies and procedures, overseeing the Risk Management Framework (RMF) process, conducting security assessments, vulnerability scans, and STIG reviews, managing endpoint security solutions, and monitoring and responding to security incidents. The role also involves maintaining documentation related to security policies and ensuring continuous improvement of cybersecurity practices and tools.
Responsibilities
- Develop, implement, and maintain the organization's cybersecurity policies and procedures.
- Oversee the Risk Management Framework (RMF) process, ensuring compliance with federal and organizational standards.
- Conduct security assessments, vulnerability scans, and STIG (Security Technical Implementation Guide) reviews.
- Manage endpoint security solutions and oversee patch management to ensure systems are up-to-date and protected.
- Collaborate with IT and cybersecurity teams to identify and address security risks and vulnerabilities.
- Monitor and respond to security incidents, providing detailed analysis and reporting.
- Maintain documentation related to security policies, procedures, and compliance activities.
- Ensure continuous improvement of cybersecurity practices and tools.
- Implement DoD security requirements, including the deployment of software patches/updates, BIOS and firmware updates, Computer Tasking Orders (CTO), Information Assurance Vulnerability Alerts (IAVA), Public Key Infrastructure (PKI), Data at Rest (DAR) and encryption.
- Evaluate and/or recommend purchase of computers, peripheral hardware, and software.
- Maintain confidentiality regarding the information being processed, stored, and accessed on the network.
- Establish, maintain, and document host connections to the NHRC network.
- Troubleshoot network access problems and implement network security policies and procedures.
- Ensure network security access and protect against unauthorized access, modification or destruction of network components and stored data.
- Responsible for installing, configuring, managing, troubleshooting and operating server equipment and software.
Requirements
- Minimum SECRET clearance.
- Bachelor's degree in a technical or managerial related discipline or High School Diploma or GED.
- At least one (1) of the following: CompTIA Security+, CompTIA Advanced Security Practitioner (CASP), or Certified Information System Security Professional (CISSP).
- At least one (1) of the following: IEEE CS Software Development Associate Engineer Certification or complete a vendor/platform specific certification such as: VMware Certified Technical Associate - Data Center Virtualization, Cloud certifications such as AWS Architect, Developer, and SysOps Associate.
- Five (5) years with Bachelor's degree or seven (7) years with HS/GED of practical experience demonstrating competency in Cybersecurity, Engineering, Test & Evaluation (T&E) or Assessment & Authorization (A&A)/ Certification & Accreditation (C&A) related field.
- Demonstrate a working knowledge of the Risk Management Framework (RMF) process.
- Familiar with security policies & guidance documents to assist with the preparation and maintenance of process artifacts.
- Capable of evaluating security solutions to ensure they meet security requirements for processing up to classified information.
Nice-to-haves
- Certified as Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level II or III.
