ITility, LLC

  • SME - Information Security Analyst

    Job Locations US-VA
    Posted Date 3 weeks ago(11/1/2018 10:22 AM)
    Job ID
    2018-1915
    # of Openings
    1
    Category
    Information Technology
  • Overview

    ******THIS POSITION IS CONTINGENT UPON CONTRACT AWARD******

     

    ITility is seeking a highly qualified professional to fill a SME – Information Security Analyst position in support of the Program Executive Office Enterprise Information Systems (PEO-EIS) Product Lead Logistics Information Systems (PL-LIS).

    Perform, analyze, report sec scans/ manual checks for systems and lab environments

    Responsibilities

    • Perform Hard/Software IV&V. Report discrepancies.
    • Identify, analyze, report security config.
    • Validate/post Security Assessment Plan.
    • Validate SSP Analysis for supported systems.
    • Perform IV&V for systems under test & ensure fully compliant with current IAVM status.
    • Analyze IAVA for applicability, notify Sys Mgrs. Analyze OS/3rd party soft vendor's critical sec notifs & patches not yet IAVAs for impl decisions.
    • Support Government Cybersecurity A&A, and Connectivity or Interconnectivity activities.
    • Provide A&A doc to DoD. Report IAVAs, STIGs and Bulletins within POA&M.
    • Provide comprehensive, up to date software scanning and remediation every month. Provide Gov with Scan Reports.
    • Eval/notify IAM of IAVAs identified by ARCYBER OPORT within 14 days.
    • Monitor update reqs including vendor sites, mailing lists, third party sources, vulnerability scans and (NETCOM) SharePoint site for IAVA messages.
    • Make mitigation, patching, upgrade, modification recommendations & provide a POA&M for requirements not fulfilled on time.
    • Provide digital copy to Gov.
    • Provide comprehensive, updated software scan using current Army Best Practices for scanning/remediation every month.
    • Implement STIGs within 30 days from release. Where an update cannot be technically applied, doc in POAM w/ mitigations. If an update cannot be applied within 30 days, provide milestone schedule in POAM for Gov approval
    • Create, post, maintain IAVA Status metrics
    • Analyze, verify, compile, collate data IAVA status/compliance.
    • Init, prep, sub, track Compliance Ext or Waiver Request
    • Track, manage RMF efforts
    • Input/maintain system authorization data in DB of record.
    • Create, rev, updt, mng POA&M w/ content from Sys Mgrs
    • Validate SSPs ensuring plans up to RMF standards.

    Qualifications

     

    • 7 years' experience in Risk Management Framework processes.
    • Bachelor's Degree in Information Technology
    • Possess or be eligible to obtain Army 8570 Baseline Certification IAT-II AND IT-II Personnel Security Standard.
    • Must provide proof of current DoD 8570.01M IAT-II Baseline Certification as part of proposal.
    • Secret Security Clearance is required for this position.

    ITility is an Equal Opportunity Employer

    ITility is committed to providing a work environment that is non-discriminatory, harassment free, fair, ethical and inclusive.


    ITility is committed to the principle of equal employment opportunity, and complies with all applicable laws which prohibit discrimination and harassment in the workplace. ITility strictly prohibits discrimination or harassment based on race, color, religion, national origin, sex, age, disability or any other characteristic protected by law in all terms, conditions and privileges of employment, including without limitation, recruiting, hiring, assignment, compensation, promotion, discipline and termination. This policy covers conduct occurring at ITility’s offices, client sites, other locations where ITility is providing services, and to all work-related activities.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed