Network Security Administrator - Ft. Rucker, AL
Posting Date: 7/27/2018
Position Name: Network Security Administrator
Company: Fort Rucker, AL
SCA Wage Category: Exempt
Employee Type: Regular Full Time
Security Clearance Status: Active and/or Able to Obtain
Security Clearance Type: Secret with SSBI
US Citizenship Required: Yes
Job Level: Technician
As the Network Security Administrator, you will be responsible for assisting the Fort Rucker NEC in meeting architectural and Defense-in-depth requirements for IA solutions and participate in the Risk Management Framework (RMF). You will provide information assurance vulnerability management (IAVM), system patches, and anti-virus updates from applicable original equipment manufacturer (OEM), industry, and government sources when published; evaluate each update against system components for operational impact; and deliver and implement each update to system components throughout the operations and maintenance phase of the system lifecycle.
Highlights of Responsibilities:
- Assist the Government in leading post-wide security initiatives that enhance overall network defense in depth, including DoD-mandated requirements in addition to local initiatives.
- Provide DoD PKI Services including directory support, certification validation, registration, interface to related Army systems, hosting of PKI-enabled servers, key management services and PKI solutions for required applications and objectives.
- Provide Security Risk Assessment support, perform risk analysis of resources, controls, vulnerabilities, threats and the impact of losing system capabilities of mission objectives.
- Facilitate decisions to implement security countermeasures or mitigate risk and implement approved countermeasures.
- Participate in the change management process and provide formal written recommendations to the Government for approval and implementation.
- Provide support to the Risk Management Framework (RMF) process in IAW AR 25-1 and NETCOM/NEC guidance. Review, validate, and maintain Tenant Support Plans (TSP) and all other Certification and accreditation (C&A) requirements and documentation for each organization/activity/unit on the installation in order to identify and document each network point of presence.
- Support Information Assurance Vulnerability Alert (IAVA) compliance programs and compliance monitoring of all network connected assets, including touch labor support.
- Perform Network and Workstation scans weekly or more often as required and compile vulnerability reports to facilitate corrections.
- Assist the Government in development of the Mitigation Action Plan (MAP) and IAVM Plan of Action and Milestones (POA&M) IAW ARCYBER/NETCOM/NEC requirements and guidance.
- Ensure new contract personnel obtain the appropriate background investigation/security clearance prior to unsupervised privileged access or management responsibilities to any systems.
- Assist in the planning, implementation and management of a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, wireless intrusion detection sensors (WIDS), content filtering, remote dial-in protection, Host Base Security Services, Directory Services, DoD Information Assurance Certification and Accreditation Program (DIACAP) and Risk Management Framework (RMF).
- Provide various aspects of communications security (COMSEC) services in direct support of the government COMSEC Account Manager (CAM). The Contractor shall perform administrative duties but shall not be the primary or alternate CAM.
- Maintain firewall configurations and alerts; monitor attacks; and review audit logs.
- Provide/push patches for each authorized network-connected device as required.
- Monitor automated systems to detect and report malicious or unauthorized activities on the network.
- Distribute local IA policy, including Network Security, Security Awareness, Remote Access, Acceptable Use, etc.;
- Comply with the management and documentation of hardware/software changes as identified by the local Change Control Board Charter
- Control network access by Access Control Lists (ACLs); review, validate and maintain ACLs to ensure IAW guidelines ports protocols and services (PPS); ensure all ACLs are current and up to date.
- Active DoD Secret Security Clearance With SSBI
- Computing environment certification
- Experience with DISA
- Experience with ACAS
- Experience with web proxy servers
- Experience with QTIP
- Experience with WIDS and Security Appliance
- Experience with FTP
- Experience with VPN(s)
- Experience with DIACAP/RMF accreditation
- Experience with Firewalls & DMZ
- Experience with NIDS/NIPS
- Experience with HIDS/HIPS
- Experience with CCB process
- Experience with SCCM scans
- Experience with IA audit logs/reports
- Experience with War Driving Equipment and Techniques
- Experience with TEMPEST and COMSEC guidelines
- Experience with McAfee/Juniper/NetForensics products
- Windows Server 2008/2012 R2
- Windows Server 2003
- SQL Database and Linux vBrick
- SCCM Trained
- MS Office Suite Proficient
It is the policy of GC&E to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by the federal, state, or local laws or regulations.
We affirm that all compensation, benefits, company-sponsored training, educational assistance, social, and recreational programs are administered without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity. It is our firm intent to support equal employment opportunity and affirmative action in keeping with applicable federal, state, and local laws and regulations.
We maintain a drug-free work place and pre-employment drug testing is required.
The information above has been designed to indicate the general nature and level of work performed by employees with the classification. It is not designed to contain or be interpreted as a comprehensive inventory of duties, responsibilities, and qualifications required of employees assigned to this position