- Posting Date: 04/04/2018
- Position Name: Information Security Specialist
- Company: GC&E Systems Group
- Location: Fort Polk, LA
- SCA Wage Category: Exempt
- Shift: 1st
- Employee Type: Regular Full Time
- Security Clearance Status: Active and/or Able to Obtain
- Security Clearance Type: Top Secret
- US Citizenship Required: Yes
- Job Level: Technician
- Travel: Negligible
As the Information Security Specialist, you will be responsible for assisting the Fort Polk NEC in meeting architectural and Defense-in-depth requirements for IA solutions and participate in the Risk Management Framework (RMF). You will provide information assurance vulnerability management (IAVM), system patches, and anti-virus updates from applicable original equipment manufacturer (OEM), industry, and government sources when published; evaluate each update against system components for operational impact; and deliver and implement each update to system components throughout the operations and maintenance phase of the system lifecycle.
Highlights of Responsibilities:
- Assist the Government in leading post-wide security initiatives that enhance overall network defense in depth, including DoD-mandated requirements in addition to local initiatives.
- Provide DoD PKI Services including directory support, certification validation, registration, interface to related Army systems, hosting of PKI-enabled servers, key management services and PKI solutions for required applications and objectives.
- Provide Security Risk Assessment support, perform risk analysis of resources, controls, vulnerabilities, threats and the impact of losing system capabilities of mission objectives.
- Facilitate decisions to implement security countermeasures or mitigate risk and implement approved countermeasures.
- Participate in the change management process and provide formal written recommendations to the Government for approval and implementation.
- Provide support to the Risk Management Framework (RMF) process in IAW AR 25-1 and NETCOM/NEC guidance. Review, validate, and maintain Tenant Support Plans (TSP) and all other Certification and accreditation (C&A) requirements and documentation for each organization/activity/unit on the installation in order to identify and document each network point of presence.
- Support Information Assurance Vulnerability Alert (IAVA) compliance programs and compliance monitoring of all network connected assets, including touch labor support.
- Perform Network and Workstation scans weekly or more often as required and compile vulnerability reports to facilitate corrections.
- Assist the Government in development of the Mitigation Action Plan (MAP) and IAVM Plan of Action and Milestones (POA&M) IAW ARCYBER/NETCOM/NEC requirements and guidance.
- Ensure new contract personnel obtain the appropriate background investigation/security clearance prior to unsupervised privileged access or management responsibilities to any systems.
- Assist in the planning, implementation and management of a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, virus programs, vulnerability scanning, wireless intrusion detection sensors (WIDS), content filtering, remote dial-in protection, Host Base Security Services, Directory Services, and Risk Management Framework (RMF).
- Review audit logs and report suspicious activity.
- Provide/push patches for each authorized network-connected device as required.
- Monitor automated systems to detect and report malicious or unauthorized activities on the network.
- Distribute local IA policy, including Network Security, Security Awareness, Remote Access, Acceptable Use, etc.;
- Comply with the management and documentation of hardware/software changes as identified by the local Change Control Board Charter
- Active DoD Top Secret Security Clearance
- Computing environment certification
- Windows Server 2012 R2
- Windows 10
- Host Based Security System (HBSS)
- ACAS Vulnerability Scanning
- Security Information and Event Management (SIEM)
- CompTIA Security+ certified
- Must obtain Computing Environment certification within 6 months of hire
- MS Office Suite Proficient
GC&E Systems Group, Inc. offers a competitive benefits package to include: paid holidays, paid time off, medical, dental, vision, flexible spending account, LTD & STD, company paid life insurance, 401(k) and tuition reimbursement.
It is the policy of GC&E Systems Group, Inc. to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by the federal, state, or local laws or regulations.
We affirm that all compensation, benefits, company-sponsored training, educational assistance, social, and recreational programs are administered without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity. It is our firm intent to support equal employment opportunity and affirmative action in keeping with applicable federal, state, and local laws and regulations.
We are proud to be an EEO employer. We maintain a drug-free workplace and pre-employment drug testing and background checks are required.
The information above has been designed to indicate the general nature and level of work performed by employees with the classification. It is not designed to contain or be interpreted as a comprehensive inventory of duties, responsibilities, and qualifications required of employees assigned to this position. Duties, responsibilities and activities may change at any time with or without notice.