Computer Security Systems Specialist with Security Clearance
Lukos
2024-10-05 01:43:37
Coronado,
California,
United States
Job type: fulltime
Job industry: I.T. & Communications
Job description
Computer Security Systems Specialist Minimum Qualifications Summary Certification & Education BA or BS degree in IT, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution or specific experience listed below. DoD SECRET security clearance Experience Required 4 years of experience in the specific field of study and specialization Job Objective This Computer Security Systems Specialist will provide support for cybersecurity policy, plans, and procedures and assist NSWG-1 Command ISSM (CISSM) in performing Assessment and Authorization (A&A) coordination. The duties of this task include assessing network compliance against controls listed in National Institute of Standards and Technology (NIST) Standard Publication (SP) 800-53 and creating A&A packages. Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program at NSWG-1. Responsibilities Assist with performing risk and vulnerability assessments, compliance, and validation of IT systems to manage risk, control access, continuous monitoring and incident response, training and awareness, and ensure compliance with governance and policies in support of the Cybersecurity program at NSWG-1. Provide inputs to cybersecurity reports, System Access Authorization Requests (SAAR), Standard Operating Procedures (SOP), Plan of Action and Milestones (POAM), and course of action (COA) development and the implementation of Cybersecurity mitigation strategies. Assist with Risk Management Framework (RMF) packages for the Assessment and Authorization (A&A) of existing systems and emerging technology to obtain an Authority to Operate (ATO), Continuous Authority to Operate (cATO), Interim Authority to Test (IATT), or Authority to Connect (ATC) in support of NSWG-1mission. Provide inputs to RMF body of evidence (BoE) artifacts, to include but not limited to: Information Management Tool (IMT) RMF discovery checklist IMT-55, RMF supplemental checklist, hardware and software lists, system interface (ports and protocols), DoD Architectural Framework (DoDAF) and/or Defense Information Systems Network (DISN) architecture drawings and diagrams (topology, data flow, accreditation boundary, rack/room/equipment layout), Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG)/ Security Requirements Guide (SRG) check Files using the DISA STIG viewer tool, Security Content Automation Protocol (SCAP) files, scans, Concept of Operations (CONOPS), User Access Policies, Continuity of Operations (COOP), Privacy Impact Assessment (PIA), Interconnect Security Agreements (ISA), and POAMs. Ensure BoE documents are available in the USSOCOM-chosen automated tool. Assist to track and maintain A&A databases, web sites and tools to ensure that networks, systems, and devices are properly documented and managed from a cybersecurity perspective. Ensure timely notifications are made to responsible individuals and organizations to prevent lapses in accreditations (e.g., 30-, 60-, and 90-day notices). Assist to track and report compliance with applicable Cybersecurity regulations and directives. Ensure timely notifications are made to responsible individuals and organizations to prevent lapses in reporting requirements. Assist with Change Management and Incident Handling processes, to manage Remedy ticket requests for Incident Response and cybersecurity requirements. Provide inputs to accurately define incidents, problems, and events in the trouble ticketing system. Assist with diagnosing and resolving tickets and help maintain incident tracking and solution database/dashboard. Provide inputs to develop and maintain an Information Security Continuous Monitoring (ISCM) Plan. This plan shall address ongoing awareness of information security, vulnerabilities, security controls, and threats to support organizational risk management decisions. Assist with performing network security evaluations and vulnerability assessments using the DOD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and Security Content Automation Protocol tool. Provide SME input to identify applicable STIGs and perform assessments using the Security Content Automation Protocol tool. Liaisons with network and system administrators to correct identified deficiencies. Provide assessment of scans for new systems and applications being introduced or reviewed in the SIE, identify issues, and provide inputs to certification letters for the government. The contractor will liaison with government POCs to ensure systems and application meet the standards in the DISA STIGs. Assist with validating the patching of systems, perform validation scanning, develop POAM, and report as directed by applicable policies, procedures, and regulations. Provide inputs to develop and implement required processes, procedures, and capabilities to mitigate vulnerabilities and weaknesses for software and hardware deployment. Individual must have the foundational qualification at start of task and the residential qualification within 6 months of start, and maintain those specialized credentials in the work role at proficiency level intermediate Education & Certification BA or BS degree in IT, Cybersecurity, Data Science, Information Systems, or Computer Science, from an ABET accredited or CAE designated institution Or Personnel Certification(s): -Certified Chief Information Security Officer (CCISO) -Certified Cloud Security Professional (CCSP) -Certified in Governance Risk and Compliance (CGRC) -CompTIA Advanced Security Practitioner (CASP+) -CompTIA Cloud+ -CompTIA Security+ -Systems Security Certified Practitioner (SSCP Work Location Coronado, CA About Lukos Lukos delivers professional services to the Department of Defense. Lukos has been one of the most successful and most diversified support companies for US Special Operations Command and its components for over a decade. Since our founding, we have grown to support all military services and multiple federal civilian agencies. About Our Name: Lukos is ancient Greek for "wolf". The characteristics of the wolf match our approach to national security. The wolf is known for cunning, aggression, patience, and teamwork. An individual wolf is smart, strong, and resilient, but the true strength of wolves is their ability to work together as a wolfpack. Kipling said it best in The Law of the Jungle. "For the strength of the pack is the wolf, and the strength of the wolf is the pack." At Lukos we take care of our pack by offering full time employees competitive benefits to include: medical, dental, vision, 401(k), life insurance, short and long term disability coverage, paid time off and Federal holidays. Lukos is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, disability, or national origin.