Are you ready for change? We are looking for the best and brightest cyber security engineers to join our winning and innovative information technology team!
The customer has an immediate need for an Information System Security Officer (ISSO) to be part of a small information system security team. This is a fairy small group that support ten critical systems that contain very sensitive data. The successful candidate is expected to perform the following duties:
As the ISSO, the candidate shall:
• have the detailed knowledge and expertise required to manage the security aspects of an IS and is assigned responsibility for the day-to-day security operations of a system.
• coordinate with the system administrators to perform system scan to include but not limited to network devices (e.g. routers, switches, firewalls), servers (e.g. Windows, Linux), databases (e.g. Oracle, MySQL, SQL Server, etc.), and web services (e.g. IIS, Apache, Tomcat, Phusion Passenger, etc.), and document the findings within a system Plan of Actions and Milestones (POA&M).
• ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security authorization package;
• attend technical and security training (e.g., operating system, networking, security management) relative to assigned duties;
• conduct periodic reviews of ISs to ensure compliance with the security authorization package;
• monitor system recovery processes to ensure security features and procedures are properly restored and functioning correctly;
• ensure all IS security-related documentation is current and accessible to properly authorized individuals;
• ensure audit records are collected and reviewed;
• review of audit logs and continuous monitoring tools for IT systems to identify anomalies, hacking, or insider threats;
• build strong relationships within the Security organization and IT staff to hone best practices and drive consistency, and also coordinate with program management;
• train and consult with fellow ISSOs and others, who accomplish day-to-day tasks involved with administering and operating information systems;
• accomplish assessment and authorization support tasks, additionally develop and implement information security procedures for the operation of multiple networked and standalone computers to ensure program information confidentiality, integrity, and availability;
• perform compliance audits, participate in incident handling and lead or assist investigations into security anomalies.
Davis Unlimited Information Technologies, Inc. (DUIT) is a woman owned, minority owned small business information technology consulting company. We have opportunities for advancement and our salaries and benefits are competitive. Check us out on the web at www.duit.us!
We do things differently at DUIT! Contact us to find out how. Together, we can DUIT!
Applicant must have an active security clearance and security background check in order to be considered for this position. If you have already completed a background check/clearance, then that is a plus!
1. Demonstrated knowledge and experience with reviewing security concept of operations, systems security plans, security control assessments, contingency plans, configuration management plans, incident response plans, plan of actions and milestones, risk management plans, vulnerability scanning, and/or vulnerability management plans.
2. Demonstrated knowledge and experience in security systems that involves various computer hardware and software operating system and application solutions in both stand-alone and LAN/WAN configurations.
3. Demonstrated knowledge and experience with security features and/or vulnerability of various operating systems (e.g. Windows, Red Hat Enterprise Linux, CentOS), database (e.g. Oracle, MySQL, SQL Server), web services (e.g. IIS, Tomcat, Apache, Passenger), and network (e.g. Cisco routers, switches, firewalls).
4. Demonstrated knowledge and experience with performing security system scans for network, platform, database, and web services using different security tools (e.g. Nessus, WebInspect, AppDetective).
5. Demonstrated knowledge and experience with performing security system scans for network, platform, database, and web services using different security with IA vulnerability testing and related network and system test tools (e.g., Retina, NMap, ACAS, EVSS, HBSS, Nessus, Security Content Automation Protocol (SCAP)).
6. Demonstrated knowledge and experience with security toolset including anti-virus, Vulnerability Assessment, HIDS and NIDS.
7. Demonstrated knowledge and experience with various technologies and vendors for network (e.g. Cisco, Juniper), platforms (e.g. Microsoft Windows, Linux Redhat/CentOS), database (e.g. Oracle, MySQL, SQL server), and web services (e.g. ISS, Apache, Tomcat, Passenger).
1. Demonstrated outstanding interpersonal skills and team player.
2. Demonstrated outstanding written and verbal communication skills; ability to present reports to management; motivated to thoroughly investigate, analyze, and document system issues and resolutions.
3. Demonstrated outstanding ability to produce quality deliverables and to complete assigned projects on time, provide consistent status updates to ensure IT security projects stay focused.
4. Demonstrated outstanding attention to detail - completes tasks per standard operating procedures; reports discovered anomalies and inconsistencies.
5. Demonstrated outstanding persistent and creative problem solver - strong troubleshooting skills and determined to find solutions to technical problems; identifies root cause and presents possible solutions to management.
6. Demonstrated outstanding work ethic and a proven professional - respectful, dependable, takes initiative and follows through, dedicated to excellence and getting the job done