Job Description

Overview

Provide technical and operational support to protect systems under the responsibility of the USARCC-SWA (RCC-SWA) against unauthorized access and inadvertent damage or modification. Develop and support all aspects of RCC-SWA automated information security to include accreditations and assisting in the establishment of local security policies. Enforce Information Assurance Vulnerability Alert (IAVA) and Common Vulnerability and Exposures (CVE) compliance and reporting, and coordinate with intelligence and judicial agencies. Forward information regarding suspicious activities to appropriate agencies as directed by the RCC-SWA Director. Collect, create, and prepare artifacts for inspections directly affecting the RCC-SWA. Program: OMDAC-SWACA

You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position.

Responsibilities

+ Test and evaluate tools and techniques to facilitate recognition of potential security problems, and conduct evaluation of security events and provide findings to the Government.

+ Investigate possible network and Automated Information System (AIS) security events.

+ Ensure devices and assets under respective responsibility are configured, installed and operated IAW current and applicable Army Golden Master (AGM) guidelines and applicable Defense Information Systems Agency (DISA) Security Technical Implementation Guidelines (STIGS).

+ Monitor Information Operations Condition (INFOCON) and other compliance metrics for RCC-SWA networks and ensure all vulnerabilities on RCC-SWA managed equipment are identified and propose a remediation approach for RCC-SWA government consideration.

+ Assist in preparing RCC-SWA Information Assurance Vulnerability Alert (IAVA) impact statements, IAVA extension requests, Plans of Action and Milestones (POA&M), and compliance reporting and verification reports for RCC-SWA managed assets.

+ Validate and report on RCC employee certification and training compliance.

+ Participate in creation of, and track Cybersecurity Service Provider (CSSP) artifacts with and for all divisions in the RCC.

+ Manage Intrusion Prevention System (IPS) to include rule creation and tuning, along with statistic gathering and reporting.

Qualifications

+ Education / Certifications: One year of related experience may be substituted for one year of education, if degree is required.

+ One year of related academic study above the high school level may be substituted for one year of experience up to a maximum of a 4-year bachelor's degree in a Software Engineering or Business Information Systems discipline for three years general experience.

+ Bachelor's Degree or equivalent experience preferably in Computer Science or MIS, IS, Engineering or related field.

+ This position requires candidates to adhere to DoD 8570.01-M.

+ All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. The authorized certifications for this job title are listed as follows:

+ IAT Level:

+ CSSP Analyst

+ Baseline:

+ CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest

+ + CE:

+ GCIA (preferred), GCDA, GCIH, GREM, GCFA, GDAT, GCWN, OSCP, OSCE, GSEC

+ Experience:

+ At least five (5) years of practical experience working with various data (network and system) technologies, with a minimum of two of those years focused on Information Security. Knowledge of certification testing tools.

+ Experience in DoD 8570, 8140, and 8530 requirements

+ Experience in preparation for large-scale inspections (CCRI / CSSP / SAV)

+ Experience with a customer service oriented company

+ Skills & Technology Used:

+ Understanding of DoD facility security requirements. Knowledge of DISA Security Technical Implementation Guides (STIG).

+ Must understand the Risk Management Framework (RMF) to support the Government with the development of RMF packages.

+ Ability to verify that all systems under the direct control of RCC-SWA are properly assessed and authorized in accordance with the RMF and configuration management policies.

+ Ability to manage asset documentation for accreditation and authorization

+ Ability to assess networking requirements and provide solutions

+ Ability to make accurate and independent decisions under pressure

+ Excellent organizational, interpersonal, written, and verbal communication skills

+ Ability to perform comfortably in a fast-paced, deadline-oriented work environment

+ Ability to successfully execute many complex tasks simultaneously across departmental boundaries

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.