Job Description

Overview

The Information Assurance Analyst is responsible for providing key government personnel with policy coordination and interpretation support, general information security support, and assisting with the development and implementation of a defensive security program that protects information systems and documents. Additionally, the individual is responsible for ensuring and documenting that all systems are regularly scanned and audited in accordance with applicable DoD policy and procedures, and that incidents are documented and accounted for as necessary through leadership. Will employ network scanning tools such as ACAS, SCCM, AV, etc., to detect system and network vulnerabilities/deficiencies, as part of a proactive network security policy. Utilizes skills to determine if requisite cyber security patches and remediation procedures have been applied per IAVA requirements. Will provide daily status on findings and recommendations and provide follow-on written technical analyses.

This position offers company-paid housing and transportation, a completion bonus and tuition reimbursement program!

You must satisfy all host country requirements to legally work in the host country in order to be qualified for this position.

Responsibilities

+ Responsible for providing key government personnel with policy coordination and interpretation support, general information security support, and assisting with the development and implementation of a defensive security program that protects information systems and documents.

+ Responsible for ensuring and documenting that all systems are regularly scanned and audited in accordance with applicable DOD policy and procedures, and that incidents are documented and accounted for as necessary through leadership.

+ Maintains a database to track trends, unauthorized activities, and common practice procedures and remedies to be followed by subordinate units in correcting deficiencies identified during information assurance vulnerability compliance visits.

+ Employs network scanning tools such as ACAS, and SCCM etc., to detect system and network vulnerabilities/deficiencies as part of a proactive network security policy.

+ Provides daily status on findings and recommendations and provides follow-on written technical analyses and reports.

+ Provides 24/7 IAVA reporting, to include review of logs, open tickets, and recommended process for remediation.

+ Responsible for ensuring the appropriate DoD RMF (Risk Management Framework) process is met and the adequate input of documentation, such as ACAS scans, STIGs, HW/SW List and Network Diagrams are updated monthly into eMass to meet the continuous monitoring requirements.

+ The work environment will be 95% indoor and 5% outdoor.

+ Perform other duties as assigned.

Qualifications

+ Qualifications:

+ Education / Certifications: One-year related experience may be substituted for one year of education if degree is required.

+ High School diploma required. Two years of college or equivalent experience preferred.

+ This position requires candidates to adhere to DoD 8570.01. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. Baseline certifications cannot also be used as a Computing Environment (CE) certification. The authorized certifications for this job title are listed as follows:

+ IAT Level: IAT II

+ BASELINE:

+ Cisco: CCNA Security

+ Cisco: CCNP Security

+ CompTIA: CASP+ ce: Advanced Security Practitioner

+ CompTIA: CySA+ ce: Cybersecurity Analyst

+ CompTIA: Security+ ce

+ GIAC: GCED: Certified Enterprise Defender

+ GIAC: GCIH: Certified Incident Handler: Certified Incident Handler

+ GIAC: GICSP: Industrial Cyber Security Professional

+ GIAC: GSEC: Security Essentials

+ ISACA: CISA: Certified Information Systems Auditor

+ ISC2: CISSP (or Associate): Certified Information Systems Security Professional

+ ISC2: SSCP: Systems Security Certified Practitioner

+ COMPUTING ENVIRONMENT (CE):

+ CompTIA: Server

+ + DISA: ACAS: Assured Compliance Assessment Solution 5.3

+ EC Council: ESCA: Certified Security Analyst

+ GIAC: GCED: Certified Enterprise Defender: Certified Enterprise Defender

+ GIAC: GCFA: Certified Forensic Analyst: Certified Forensic Analyst

+ GIAC: GCFE: Certified Forensics Examiner

+ GIAC: GCFW: Certified Firewall Analyst

+ GIAC: GCIA: Certified Intrusion Analyst

+ GIAC: GCIH: Certified Incident Handler: Certified Incident Handler (Cannot be used as a dual qualifier)

+ GIAC: GCWN: Certified Windows Security Administrator

+ GIAC: GNFA: Network forensic Analyst

+ GIAC: GPEN: Certified Penetration Tester

+ GIAC: GPPA: Certified Perimeter Protection Analyst

+ GIAC: GREM: Reverse Engineering Malware

+ Microsoft: 365 Certified: Enterprise Administrator Expert

+ Microsoft: 365 Certified: Messaging Administrator Associate

+ Microsoft: 365 Certified: Security Administrator Associate

+ Microsoft: Certified: Azure Administrator Associate

+ Microsoft: Certified: Azure Database Administrator Associate

+ Microsoft: Certified: Azure Solutions Architect Expert

+ Microsoft: Certified: Identity and Access Administrator Associate

+ Microsoft: Certified: Information Protection Administrator Associate

+ Microsoft: Certified: Security Operations Analyst Associate

+ Microsoft: MCA: Certified Architect (Any)

+ Microsoft: MCM: Certified Master (Any)

+ Microsoft: MCSA: SQL 2016 Database Admin

+ Microsoft: MCSA: SQL 2016 Database BI Development

+ Microsoft: MCSA: SQL 2016 Database Dev

+ Microsoft: MCSA: Windows Server 2012

+ Microsoft: MCSA: Windows Server 2016

+ Microsoft: MCSE: Cloud Platform and Infrastructure

+ Microsoft: MCSE: Core Infrastructure

+ Microsoft: MCSE: Database Management and Analytics

+ Microsoft: MCSE: Private Cloud 2012

+ Microsoft: MCSE: Productivity Solutions Expert

+ Microsoft: MCSE: Server Infrastructure 2012

+ Experience:

+ The Information Assurance Analyst I position is required to be an expert in all functions of both IAT Level I and IAT Level II positions relating to information assurance tools used on the enterprise environment.

+ The Information Assurance Analyst I must be able to apply extensive knowledge of a variety of the IA field's concepts, practices, and procedures to ensure the secure integration and operation of all enclave systems (NIPR, SIPR, etc.).

+ Must be able to rely on extensive experience and judgment to plan and accomplish goals for the enclave environment.

+ Must have at least three years of practical experience in working with Windows Server 2012 or higher, operating systems (OS) and Active Directory tools. Must have a basic understanding of networking.

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.