Sr. Security Specialist/ Engineer Scientist 2
Telos Corporation Charleston, SC 29404 2016-12-01
Job Description:
This position will be located in Honeywell Facilities in
North Charleston, SC.
Responsibilities:
Evaluation (ST&E), and independent verification and
validation (IV&V) support to networks/enclaves and
programs of record (PORs)/platforms information
technology (PITs), automated tool support, C&A
assessment and package development support, and
incident response support.
Security Test and Evaluation (ST&E) results, and
assisting enclave personnel in preparing Interim
Approval to Operate (IATO) and ATO packages for
review by the Validator, Certifying Authority (CA),
and the Operational Designated Approval Authority
(ODAA)
plans of action and milestones (POA&Ms);
recommending security risk-mitigations; and
requesting extensions for expiring IATOs as required
collaborative meetings with Navy CA/ODAA points of
contact to update and enhance C&A documentation
accordingly
and update the NAVMISSA status trackers as required
performing system discovery, and hardware and
software listings.
perform non-invasive independent application and OS
software and patch inventory and configuration
collection of all system servers and workstations.
methodology to gather version information for all
applications and detailed configuration data about
the underlying operating system and will leave no
data or executables on NAVMISSA equipment.
Implementation Guides (STIGs), Health Insurance
Portability and Accountability Act (HIPAA)
requirements.
policies, and best business practices;
standardized procedures and scoring methodology IAW
DoD policy and DIACAP
vulnerabilities and identify countermeasures
Medicine stakeholders.
applicants with active Secret clearances.
required
Logistics support of C5ISR requirements
Server (2012, 2016).
and DoDI 8510.01 the Department of Defense
Information Assurance Certification and
Accreditation Process (DIACAP). Also DoD Directive
8500.1 .
approved security tools such as Secure Configuration
Compliance Validation Initiative (SCCVI) that
include eEye Retina, and the Assured Compliance
Assessment Solution (ACAS). Candidate must be able
to perform monthly security scans on Navy networks
and provide information to be used in reporting IAVM
status of Navy systems and also provide FISMA
information for systems.
are required
organizational skills are required
requires a US citizenship.
This position will be located in Honeywell Facilities in
North Charleston, SC.
Responsibilities:
- Provide IA support that include providing C&A
Evaluation (ST&E), and independent verification and
validation (IV&V) support to networks/enclaves and
programs of record (PORs)/platforms information
technology (PITs), automated tool support, C&A
assessment and package development support, and
incident response support.
- Provide assistance to enclave personnel in
Security Test and Evaluation (ST&E) results, and
assisting enclave personnel in preparing Interim
Approval to Operate (IATO) and ATO packages for
review by the Validator, Certifying Authority (CA),
and the Operational Designated Approval Authority
(ODAA)
- Provide assistance to Navy Medicine sites in
plans of action and milestones (POA&Ms);
recommending security risk-mitigations; and
requesting extensions for expiring IATOs as required
- Conduct liaison with Navy Medicine sites in
- Make recommendations concerning certification;
collaborative meetings with Navy CA/ODAA points of
contact to update and enhance C&A documentation
accordingly
- Prepare recommendations and project timelines for
and update the NAVMISSA status trackers as required
- Participate in C&A process improvement activities.
- Use automated collection utilities that supplement
performing system discovery, and hardware and
software listings.
- Use Software and testing tools such as eye Retina,
perform non-invasive independent application and OS
software and patch inventory and configuration
collection of all system servers and workstations.
- Use Nessus/ACAS/Retina or other approved automated
methodology to gather version information for all
applications and detailed configuration data about
the underlying operating system and will leave no
data or executables on NAVMISSA equipment.
- Develop the C&A plan for IV&V/ST&E efforts
- Candidate must be familiar with Defense Information
Implementation Guides (STIGs), Health Insurance
Portability and Accountability Act (HIPAA)
requirements.
- Must be familiar with IA vulnerability management
policies, and best business practices;
- Conduct IV&V and ST&Es activities at NAVMISSA
standardized procedures and scoring methodology IAW
DoD policy and DIACAP
- Validate all applicable IA controls; perform a
vulnerabilities and identify countermeasures
- Consolidate, review, analyze, and produce reports
Medicine stakeholders.
- An active Secret Clearance or the ability to obtain
applicants with active Secret clearances.
- Meet DoD 8570 qualifications of IAM Level I or IAT
- B.S. in System Engineering, Physical Science, or
required
- A background Systems Analysis, Systems Architecture,
Logistics support of C5ISR requirements
- Must have knowledge of the following Operating
Server (2012, 2016).
- Must be familiar with and have a working knowledge
and DoDI 8510.01 the Department of Defense
Information Assurance Certification and
Accreditation Process (DIACAP). Also DoD Directive
8500.1 .
- Must be able to use and have a working knowledge of
approved security tools such as Secure Configuration
Compliance Validation Initiative (SCCVI) that
include eEye Retina, and the Assured Compliance
Assessment Solution (ACAS). Candidate must be able
to perform monthly security scans on Navy networks
and provide information to be used in reporting IAVM
status of Navy systems and also provide FISMA
information for systems.
- Strong written and verbal communications skills and
are required
- A professional attitude regarding attention to
organizational skills are required
- The successful candidate must meet eligibility
requires a US citizenship.
