Intermediate Information Security Specialist for Chenega Corporation in Arlington, VA (salary not disclosed) STIG
Intermediate Information Security Specialist needs for Chenega Systems (CS) which provides federal...
Intermediate Information Security Specialist needs for Chenega Systems (CS) which provides federal agencies empowered solutions in Cybersecurity and Data Visualization. Our Subject Matter Experts offer decades of experience working in the federal marketplace and the data visualization environment.
You will support the Headquarters Department of the Army (HQDA) Office of Deputy Chief of Staff (DCS) G-2 Information Management (IM) Directorate, otherwise known as Department of the Army Military Intelligence – Information Management (DAMI-IM), Chief Information Officer (CIO) in this important role. DAMI-IM’s mission is to transform Army Intelligence to a Net-Centric, knowledge-based community through development of policy and management of Information Technology (IT) integration, networking, assurance, initiatives, and programs. You’ll be helping achieve G-2’s vision of putting intelligence into the Warfighter’s hands.
Under general supervision, the Intermediate Information Security Specialist uses current information security technology disciplines and practices to ensure the confidentiality, integrity, and availability of corporate information assets by established standards and procedures.
Responsibilities
Develop and maintain a knowledge of changing regulatory, threat, and technology landscapes to continually develop or maintain security policies and standards and ensure compliance throughout the organization.
Provide technical support to Army Intelligence Enterprise, by identifying CS requirements and specifications following Intelligence Community Directives and Standards; participating in staff assistance visits for data gathering, performing technical analysis, and documenting CS requirements; conducting studies and preparing evaluations regarding the feasibility of using new technology; and analysis of customer requirements.
Provide technical support in assessing Army Intelligence Enterprise information needs and develop the required documents.
Conduct daily independent research, analyze data, develop an analysis of alternatives, and formulate recommendations to acquire senior government leadership approval on a variety of Army Intel IT topics within the DoD and Intelligence Community (IC).
Provide the Authorizing Official (AO) and Program-Information Systems Security Manager (P-ISSM) support of the Risk Management Framework (RMF) Assessment and Authorization (A&A) efforts for the Army Intelligence Enterprise.
Review RMF security packages, identify salient security issues, make the determination as to whether an agency system meets the appropriate Intelligence Community Directive (ICD) 503 information security requirements for that particular system, and provide a final recommendation as to whether the level of system residual risk is acceptable to the Government.
Provide input regarding the Army Intelligence Enterprise modernization lines of effort in areas such as Continuous Monitoring (CONMON) and Common Standardization.
Provide Subject Matter Expert (SME) support on all aspects of mission command and Army Intelligence Enterprise support and participate in working groups weekly and councils bi-weekly.
Investigate and analyze all response activities related to cyber security incidents within the network environment or enclave; serve as action officer coordinating cyber security sanitization and reporting; perform incident triage to include determining scope, urgency, and potential impact and track and document incidents from initial detection through final resolution.
Maintain Cybersecurity-related documentation, including collecting, consolidating, and/or generating the data required for the documentation and drafting the documents following the appropriate DoD, Army, and IC directives, instructions, regulations, or best business practices.
Facilitate senior government leadership review and approval of all updated or modified documents and maintain configuration control of the documents.
Schedule and conduct appropriate initial introductory training, and applicable remedial Cybersecurity/IA awareness training for all contractor, government, and military employees that have access to ODCS, G-2 networks following official guidance and the ODCS, G-2 Security Standard Operating Procedure (SOP).
Maintain and update ODCS, and G-2 training material to reflect changes in DoD, Army, and IC Cybersecurity policy or other information provided by the ISSM. At a minimum, the contractor shall conduct a yearly review of the training materials with the ISSM and submit revised training materials to the ISSM for review and approval before final publication.
Ensure unit records for ODCS, G-2 employees, in the Army Training and ATCTS, are up to date to reflect employee training statuses.
Manage or coordinate unit records in the Army Training Certification Tracking System (ATCTS) for all G-2 information system account holders IAW AR 25-2 and local requirements.
Coordinate with the Help Desk and applicable POCs for all G-2 information system access coordination and process DD Form 2875 to determine eligibility for access across all applicable domains for approval.
Assist the Information System Security Manager (ISSM) or conduct physical inspections of Automated Information System (AIS) deemed ready for end-of-life (EOL) disposal following the ODCS, G-2 Security SOP, and the ISSM, in coordination with the hardware team.
Review ODCS, G-2 network, and system configurations quarterly to ensure the ability to capture data mandated by the DoD, Army, and IC Directives and Standards.
Review operating systems, Active Directory, databases, hardware architecture, network devices, folder structures, and applications for security compliance following DoD, Army, and IC Directives and Standards.
Review and execute system configuration guidance and compliance checklist by ISSM instructions using use STIGViewer to review DISA’s most recently published Security Technical Implementation Guides (STIG) and/or Security Requirements Guide (SRG) as applicable to review security compliance status.
Be responsible for managing the G-2 Army Data Auditing Management (ADAM) program including training and tracking Observer, Operator, Custodian, and Approver roles, serving as Removable Media Custodian, and maintaining documentation of all removable media transfers.
Other duties as assigned.
Qualifications
Bachelor of Arts/Science degree preferred
5+ years of experience
IAM Level II following DoD 8570.01-M
Active TS/SCI clearance
Knowledge, Skills, and Abilities
5+ years of experience in protected information environments (e.g., SIPR, SAP, JWICS, etc.)
Knowledge of and experience with ICD 503 and the government’s assessment and authorization process
Practical knowledge and application of the Enterprise Mission Assurance Support Service (eMASS) information system assessment and authorization tool
For more info.: https://hubs.la/Q02_FG0-0