Analyst II - Global Business Solutions, Inc.

• Supports system design and troubleshooting data collection and delivery methods for real-time Cyber Defense Operations;
• Implements Risk Management Framework, including Assessment and Accreditation (A&A);
• Provides STIG and IAVM Support;
• Maintains systems in accordance with DoD policies and procedures;
• Maintains baseline systems in accordance with DoD Certification and Accreditation (C&A) requirements;
• Reviews ACAS scans for compliance;
• Develops IA compliance reports;
• Utilizes EMASS for documentation management;
• Utilizes Remedy ticketing system for trouble management documentation;
• Provides support for the escalation and communication of status to DoD agencies and internal customers;
• Conducts risk assessments on systems, networks, CS processes, and operations;
• Ensures information is protected against unauthorized access, disclosure, misuse, disruption or modification;
• Performs information assurance analysis, scanning, remediation, vulnerability assessments, and maintains all required and applicable artifacts;
• Updates antivirus/anti-malware and other component definitions daily on training networks;
• Develops, collects, contributes, and provides RMF/C&A artifacts. Artifacts include hardware and software lists, identification of ports, protocols, and services, accreditation boundary diagrams, data flow diagrams, mitigation plans, vulnerability scans, and other related artifacts;
• Assists with security reviews, monitors, and enforces IA policies and procedures, and performs Cyber risk management, risk analysis, and remediation;
• Performs IA through all stages of system acquisition, development, implementation, and maintenance;
• Performs security monitoring on applicable networks and immediately reports to ISSM any detection of a virus, spillage, incident, event, or lack of ability to meet an IA safeguard;
• Ensures Information Assurance Vulnerability Alert (IAVA)/IA Directive compliance to include IAVM, ALCND, EXORDs, FRAGORDs, NCDOC Directives, and HBSS;
•  Installs/Tests/Deploys IAVA/STIG security patches/configurations and provides applicable security artifacts/reports/status;
• Implements and completes Security Technical Implementation Guide (STIG) checklists for applicable systems/networks;
• Conducts applicable daily/monthly/quarterly auditing tasks such as system, application, and security log review, and configuration baseline review;
• Monitors and reports on DoD and DoN mandated safeguards;
• Configures and deploys the full HBSS suite and underlying operating system in accordance with DoD Cyber Tasking Orders (CTOs) and established policies;
• Performs day-to-day administration, test, and monitor framework and infrastructure;
• Develops technical SOPs, performs testing and validation, develops signatures, and audit controls;
• Conducts routine compliance audits, security log reviews, security incident responses, and low-level troubleshooting;
• Establishes metrics, monitors the HBSS program, monitors threats, and provides briefs and reports;
• Develops operational processes, models, and frameworks to meet operation and security requirements;
• Remains compliant with current software configuration requirements.

• Master’s degree in a technical field plus one (1) year of relative IT administration experience; OR Bachelor’s degree in a technical field plus three (3) years of relative IT administration experience; OR Seven (7) years of relative IT administration experience in lieu of a degree;
• Three (3) years of industry accepted Information Technology (IT) experience is required;
• DoD-issued Top Secret/Sensitive Compartmented Information (SCI) Security Clearance is required;
• Required to have at start and ability to maintain current IAT Level II Certification (Security+, GSEC, GICSP, SSCP, or CCNA-Security) in accordance with DoD 8570.01-M Information Assurance Workforce Improvement Program guidelines;
• Knowledge of Security Technical Implementation Guides (STIGs) is required;
• Knowledge of Assured Compliance Assessment Solutions (ACAS) Scans is required;
• Experience with Risk Management Framework is required;
• Windows and/or Linux client server environments is required;
• Experience with GPOs, DNS, patch management, user account management, file/folder permissions is required;
• Experience with vulnerability remediation tools such as ACAS, Nessus, SCAP, HBSS, or equivalent is required;
• Experience with VMWare server/workstation, and virtualization technologies, network infrastructure installation, configuration, and maintenance is required.

Established in 1995, Global Business Solutions, Inc. offers customers a distinctive blend of information technology capabilities, education and training services, and information assurance solutions. Managed by a team of executive leaders experienced in the field of information technology and training services within the industry and government, GBSI prides itself on exceeding expectations. Our award-winning solutions give clients the support tools needed to successfully deliver in evolving environments with confidence.

GBSI is an affirmative action/equal opportunity employer. All Qualified applicants will receive consideration for employment without regard for race, religion, color, national origin, sex, age, status as a protected veteran, among other things, or status as a qualified individual with a disability.

This Contractor and subcontractor shall abide by the requirements of 41 CFR-60-300.5(a). This regulation prohibits discrimination against qualified protected veterans, and requires affirmative action covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans.

Pay Transparency Nondiscrimination Provision:

GBSI will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with GBSI’s legal duty to furnish information.

Drug Free Workplace:
We maintain a drug-free workplace and perform pre-employment substance abuse testing.