IT Systems Manager - Invictus International Consulting, LLC
Colorado Springs, CO
About the Job
Title: Information Security Analyst
Location: Quantico, VA
Clearance: SECRET
Responsibilities:
- Plan, implement, upgrade, or monitor security measures for the protection of computer networks and data
- Ensure appropriate security controls are in place that will safeguard data, files and electronic infrastructure
- Respond to security breaches/viruses and all security A&A/RMF activities
- Manage the day-to-day system security, including physical and environmental protection, incident handling, and information system security training/awareness
- Support the system owners to draft, develop, update, or maintain the system security plan (SSP), and other related documents, following applicable policies, procedures, and templates
- Perform initial risk analysis and present results to the appropriate contacts
- Participate in certification and integration, verification, and validation (IV&V) testing activities
- Play an active role in continuous monitoring to include assessing the security impact of system changes, updating the SSP, managing/monitoring changes to the system, and disposal of the system in accordance with security policies and practices
- Initiate the re-certification/re-accreditation process by formally notifying the proper POC's when changes occur that may affect accreditation authorization
- Ensure all security-related documentation is current and accessible to properly authorized individuals
- Maintain and update IT asset records on behalf of the system owner
- Process information systems access requests, ensuring all users have the requisite security clearance, authorization, need-to-know, and are aware of their security responsibilities before granting access
- Monitor and track status of applicable vulnerability patches
- Ensure configuration management (CM) for the security relevant software, hardware, and firmware is maintained and documented
- Follow procedures developed by the ISSM, authorizing software, hardware, and firmware use before implementation on the system
- Verify system recovery processes are monitored, ensuring that security features/procedures are properly restored and system security requirements are addressed during all phases of the system life cycle
- Ensure that security systems comply with appropriate standards (e.g., DoD 8140.1, CJCSM 6510.01)
- Support investigations related data spills and IT incidents at both government and contractor sites
- Assist the government POC in managing the acquisition, operation, storage, inventory, and disposition of all Communications Security (COMSEC) related material and equipment as required
- Review applicable audit logs for actions to include, but not limited to, security relevant events/activities, suspicious activity, baseline changes, and notify the ISSM of any discrepancies
- The contractor shall write, review, and/or assess security documentation and plans
Requirements:
- Bachelor's degree and 3+ years of relevant experience with Information technology security, Information systems security, or information assurance engineering
- Current DoD 8570 IAT Level II Certification (i.e. GSEC, Security+, SCNP, SSCP)
- Current SECRET clearance
Source : Invictus International Consulting, LLC