IT Systems Manager - Invictus International Consulting, LLC

Title: Information Security Analyst

Location: Quantico, VA

Clearance: SECRET

Responsibilities:

• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and data
• Ensure appropriate security controls are in place that will safeguard data, files and electronic infrastructure
• Respond to security breaches/viruses and all security A&A/RMF activities
• Manage the day-to-day system security, including physical and environmental protection, incident handling, and information system security training/awareness
• Support the system owners to draft, develop, update, or maintain the system security plan (SSP), and other related documents, following applicable policies, procedures, and templates
• Perform initial risk analysis and present results to the appropriate contacts
• Participate in certification and integration, verification, and validation (IV&V) testing activities
• Play an active role in continuous monitoring to include assessing the security impact of system changes, updating the SSP, managing/monitoring changes to the system, and disposal of the system in accordance with security policies and practices
• Initiate the re-certification/re-accreditation process by formally notifying the proper POC's when changes occur that may affect accreditation authorization
• Ensure all security-related documentation is current and accessible to properly authorized individuals
• Maintain and update IT asset records on behalf of the system owner
• Process information systems access requests, ensuring all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before granting access
• Monitor and track status of applicable vulnerability patches
• Ensure configuration management (CM) for the security relevant software, hardware, and firmware is maintained and documented
• Follow procedures developed by the ISSM, authorizing software, hardware, and firmware use before implementation on the system
• Verify system recovery processes are monitored, ensuring that security features/procedures are properly restored and system security requirements are addressed during all phases of the system life cycle
• Ensure that security systems comply with appropriate standards (e.g., DoD 8140.1, CJCSM 6510.01)
• Support investigations related data spills and IT incidents at both government and contractor sites
• Assist the government POC in managing the acquisition, operation, storage, inventory, and disposition of all Communications Security (COMSEC) related material and equipment as required
• Review applicable audit logs for actions to include, but not limited to, security relevant events/activities, suspicious activity, baseline changes, and notify the ISSM of any discrepancies
• The contractor shall write, review, and/or assess security documentation and plans

Requirements:

• Bachelor's degree and 3+ years of relevant experience with Information technology security, Information systems security, or information assurance engineering
• Current DoD 8570 IAT Level II Certification (i.e. GSEC, Security+, SCNP, SSCP)
• Current SECRET clearance