Systems/Cybersecurity Engineer - TS/SCI
Fort Belvoir , VA | Contract to Hire
• Maintain baseline images for all AIS and Network devices IAW DoD and Army baseline configuration.
• Ensure all systems are configured to the minimum-security baseline in accordance with AR 25-2 and local policy. All systems built using the Army Gold Master baseline image provided by the local Regional Cyber Center (RCC) or supporting Theater Signal Command (TSC).
• Operate and maintain servers; perform log analysis, error detection, fault correction, backups, and restore.
• Perform startup and shutdown of the systems as required
• Maintain all systems with current antivirus, vendor patches, and comply with Defense Systems Information Agency (DISA) Vulnerability Management System (VMS) (or equivalent) reporting requirements.
• Ensure compliance with STIGs and ensure applicable Information Assurance Vulnerability Management (IAVM) alerts and bulletins are applied prior to the suspense date. System Center Configuration Manager or current equivalent shall be used to apply patches and IAVM fixes to computers attached to the network.
• Assist with the preparation of the documentation required to accredit all Information Systems in accordance with AR 25-2 and DoDI 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT), and shall submit that documentation to the IAM.
• Collect and maintain information needed to meet system IA reporting requirements.
• Scan or coordinate scanning on at least 95% of the systems using Assured Compliance Assessment Solution or DoD approved equivalent.
• Conduct bi-annual Security Content Automation Protocol scans on 100% of the systems.
• Remediate Category (CAT) 1 vulnerabilities within seven (7) working days of discovery and CAT 2 findings within 30 working days of discovery.
• Prepare a Plan of Actions and Milestones (POA&M) within one (1) business day of discovery for remediation of findings that cannot be completed within the specified timeframes.
• Record all scans and actions taken, including POA&Ms and mitigation plans, in VMS (or equivalent).
• Bachelor’ s degree OR 7 years of experience working in a similar position/field
• TS/SCI required.
• IAT Level 2 required (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, SSCP)
• CND-IS certified with one of the following: CEH, CSA+, GICSP, or SSCP