Vectrus

Overview

The Information Assurance Analyst is responsible for providing key government personnel with policy coordination and interpretation support, general information security support, and assisting with the development and implementation of a defensive security program that protects information systems and documents. Additionally, the individual is responsible for ensuring and documenting that all systems are regularly scanned and audited in accordance with applicable DoD policy and procedures, and that incidents are documented and accounted for as necessary through leadership. Will employ network scanning tools such as ACAS, SCCM, AV, etc., to detect system and network vulnerabilities/deficiencies, as part of a proactive network security policy. Utilizes skills to determine if requisite cyber security patches and remediation procedures have been applied per IAVA requirements. Will provide daily status on findings and recommendations and provide follow-on written technical analyses.

Responsibilities

1. Responsible for providing key government personnel with policy coordination and interpretation support, general information security support, and assisting with the development and implementation of a defensive security program that protects information systems and documents.
2. Responsible for ensuring and documenting that all systems are regularly scanned and audited in accordance with applicable DOD policy and procedures, and that incidents are documented and accounted for as necessary through leadership.
3. Maintains a database to track trends, unauthorized activities, and common practice procedures and remedies to be followed by subordinate units in correcting deficiencies identified during information assurance vulnerability compliance visits.
4. Employs network scanning tools such as ACAS, and SCCM etc., to detect system and network vulnerabilities/deficiencies as part of a proactive network security policy.
5. Provides daily status on findings and recommendations and provides follow-on written technical analyses and reports.
6. Provides 24/7 IAVA reporting, to include review of logs, open tickets, and recommended process for remediation.
7. Responsible for ensuring the appropriate DoD RMF (Risk Management Framework) process is met and the adequate input of documentation, such as ACAS scans, STIGs, HW/SW List and Network Diagrams are updated monthly into eMass to meet the continuous monitoring requirements.
8. Performs other duties and assignments as required.

Qualifications

• Minimum Qualifications
• Education/Certifications: One year related experience may be substituted for one year of education, if degree is required.
• Education:
• High School diploma required.
• Two years of college or equivalent experience preferred.
• Experience:
• The Information Assurance Analyst I position is required to be an expert in all functions of both IAT Level I and IAT Level II positions relating to information assurance tools used on the enterprise environment.
• The Information Assurance Analyst I must be able to apply extensive knowledge of a variety of the IA field’s concepts, practices, and procedures to ensure the secure integration and operation of all enclave systems (NIPR, SIPR, etc.).
• Must be able to rely on extensive experience and judgment to plan and accomplish goals for the enclave environment.
• Must have at least three years of practical experience in working with Windows Server 2012 or higher, operating systems (OS) and Active Directory tools. Must have a basic understanding of networking.
• Requirements:
• U.S. citizenship is required.
• Active Secret Clearance.
• This position requires candidates to adhere to DoD 8570.01-M. All candidates are required to maintain at least one (1) baseline certification and one (1) computing environment (CE) certification. The authorized certifications for this job title are listed as follows:
• IAT Level:
• IAT II
• Baseline:
• CASP, CCNA Security, CISA, CISSP (or Associate), GICSP, GSEC, GCED, GCIH, Security+ CE, SSCP
• CE:
• MCSA: Windows Server 2008/2012/2016
• MCITP: Server Administrator
• MCITP: Systems Administrator
• MCITP: Enterprise Administrator
• MCITP: Windows Server 2008 R2, Virtualization Administrator
• MCT: Microsoft Certified Systems Administrator
• MCT: Microsoft Certified Systems Administrator: Security
• MCSE: Server Infrastructure
• MCSE: Private Cloud
• MCSE: Cloud Platform and Infrastructure
• MCM: Microsoft Certified Master (Any)
• MCSM: Microsoft Certified Solutions Master (Any)
• MCA: Microsoft Certified Architect (Any)
• MCT: Microsoft Certified Architect
• MCT: Microsoft Certified Master
• MCT: Microsoft Certified Systems Engineer
• GIAC Certified Enterprise Defender (GCED)
• GIAC Certified Firewall Analyst
• GIAC Certified Forensic Analyst (GCFA)
• GIAC Certified Forensics Examiner (GCFE)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Incident Handler-certification/training (GCIH)
• GIAC Certified Penetration Tester (GPEN)
• GIAC Certified Perimeter Protection Analyst (GPPA)
• GIAC Certified Windows Network Security Administrator (GCWN)
• GIAC Certified Windows Security Administrator (GCWN)
• GIAC Network Forensic Analyst (GNFA)
• GIAC Reverse Engineering Malware GREM
• Red Hat Certified Architect (RHCA) (Any)
• Red Hat Certified Engineer (RHCE)
• Server +
• DISA Assured Compliance Assessment Solution (ACAS)-VTE (IAT III for ACAS Only)
• EC-Council Certified Security Analyst

We are committed to an inclusive and diverse workplace that values and supports the contributions of each individual. This commitment along with our common Vision and Values of Integrity, Respect, and Responsibility, allows us to leverage differences, encourage innovation and expand our success in the global marketplace. Vectrus is an Equal Opportunity /Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, protected veteran status or status as an individual with a disability. EOE/Minority/Female/Disabled/Veteran.