Company Overview
At ValidaTek, we modernize and optimize IT services to solve some of the most critical challenges facing federal civilian and defense agencies. From customers to partners to top–talent employees, ValidaTek puts people first, empowering them to exceed expectations and transform government organizations. Our success starts and ends with our people, so we built a company where great people can do great things, with the resources and autonomy to make decisions that transform organizations. We operate as one team of diverse people, united by a passion for continuous growth and optimization. Our commitment to quality and performance optimization is the reason why our IT Service Projects and New Development Projects have been appraised at CMMI Maturity Level 5, positioning us as one of a handful of elite companies to receive the highest form of third–party validation.
Summary
We are seeking a Senior Systems Information Assurance SME to join our Team. The successful candidate will be responsible for ensuring the security and integrity of our organization's information systems and data. The Senior Information Assurance SME will play a critical role in developing and implementing security policies, procedures, and standards to protect our organization's sensitive data from cyber threats. The ideal candidate will have a strong background in information security, risk management, and compliance. The System Security IA SME shall serve as the knowledge expert of security products as well as working knowledge of Microsoft Products such as Microsoft Windows Server, Windows 7, Windows 10, and Office 2013 Products. This SME should have proven experience with Security and auditing Tools for Windows and Linux operating systems such as ACAS and HBSS.
Responsibilities
- Develop and implement information security policies, procedures, and standards in compliance with industry standards, laws, and regulations.
- Assess and manage risks to the organization's information systems and data.
- Monitor, evaluate and report on the effectiveness of information security controls and procedures.
- Collaborate with cross–functional teams to identify and mitigate information security risks.
- Conduct security assessments, including vulnerability and penetration testing, and recommend appropriate remediation measures.
- Develop and deliver information security training and awareness programs for all staff.
- Maintain up–to–date knowledge of emerging security threats, trends, and technologies.
- Provide guidance and direction to other members of the information security team.
Qualifications
- Active DoD Top Secret Clearance.
- Bachelor's in Science degree in Computer Engineering, computer information systems, telecommunications, or management information systems, or have 10+ years of documented experience.
- Industry certifications such as CISSP, CISM, or CISA preferred.
- Day to day operations and maintenance which include but not limited to: review of audit logs, reviewing scans, maintaining network documentation.
- Server/Workstation Security and Maintenance Updates.
- Design/Maintain/Create system configuration and architecture documentation.
- Design/Maintain/Create system process and procedure documentation.
- Develop appropriate security policies, and perform periodic upgrades and updates to servers and network devices on Building Maintenance network to ensure appropriate secured access to data.
- Respond to Network Operations notifications, shall utilize the Assured Compliance Assessment Solution (ACAS) to acknowledge, monitor and create appropriated security reports, and apply recommended IAVA to the Building Maintenance network in specified timeframe.
- Update and track system vulnerabilities, and provide information system security recommendations and assistance.
- The contractor shall comply with all appropriate DoD and applicable agency security standards.
- Vulnerability scanning using ACAS and other security measures to mitigate risks to the network.
- Experience in FISMA, DoD IG Inspection, ACA, and other accreditation and certification programs.
- Knowledge of the Defense in Depth concepts and implementation.
- Knowledge of physical and personal security experience.
- Knowledge of Incident Response, Auditing, and CNDSP.
- Knowledge of and comprehension on how to implement 8570.01–M./DoD8140.
- Maintain virus definitions, patch versions and Department of Defense (DoD) Security Technical Implementation Guides (STIG) levels on all servers, workstations, and laptops.
- Monitor and Maintain Host Based Security System (HBSS).
- Utilize the DoD Assured Compliance Assessment Solution (ACAS) to update, manage and track implementation of information security requirements for the IT assets and resources.
- Provide technical support and implementation for security tools and upgrades.
- Provide installation support for network systems applications.
EEO Statement
ValidaTek is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status. Applicants who are selected for employment will be required to verify authorization to work in the United States. Offers of employment will be contingent upon passing a post–offer background check.
#J-18808-Ljbffr