Are you interested in Information Assurance and Computer Network Defense (IA/CND) or have you ever worked in or had aspirations to oversee Cyber Defense operations that include Vulnerability Assessment, Scanning, Patching and Remediation? AECOM is looking for someone to employ Defense-in-Depth security strategies across an Enterprise-wide network.
The Information Assurance Practitioner Senior is responsible for maintaining the security, integrity and robustness of a portion of the DoD Global Information Grid (GIG). This includes the infrastructure associated with the GIG (routers and switches), the boundary protection devices (firewalls and proxy servers), intrusion detection devices, software antivirus and anti-spam services and core services within a Network Operations Security Center (NOSC).
The Information Assurance Practitioner will work with the Senior Vulnerability Assessment Manager/Auditor to provide Information Assurance (IA) and Computer Network Defense (CND) security capabilities and direction. Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. Works with the IT work centers to develop risk response recommendations for the government client organization including avoidance, transference, acceptance or mitigation of security risks and vulnerabilities.
The candidate will have experience in performing vulnerability assessments that will determine any potential vulnerability associated with networking to include physical and environmental weaknesses that could allow the potential for the client network to be exploited. Candidate will have a proven track record of identifying these weaknesses through onsite physical and remote Blue/Red Team inspections of facilities and collecting and reviewing logical data about the computing and telecommunications networks/devices. Candidate will perform in-depth discussions with operations and network support staff concerning vulnerability assessment practices.
Candidate may be asked to review, although not all inclusive, the following areas during an assessment:
- Information Security and Acceptable Use Policy Review
- Business Continuity Planning and Disaster Recovery Practices
- Domain and Core Server Security Settings
- Logical Access and Privilege Controls
- Wireless Network Security
- LAN/WAN Connectivity
- Remote Access Controls
- VoIP Security
- Patch Management
- Malicious Code Control (Anti-Virus/Anti-Malware systems)
- Intrusion Detection and Prevention
- Media Control Practices
- Physical and Environmental Security
- Data Leakage Protection
- Network Penetration Assessment Tools (e.g. CoreImpact)
- Host Based Intrusion Prevention Systems
- Forensic Application Suites (e.g. EnCase)
Candidate may be asked to produce, although not all inclusive, the following information as part of an assessment:
- Both Executive and Technical summaries containing the findings and recommendations on how to improve technical deficiencies and potential DISA STIG or IAVA oversights
- All work papers including network vulnerability scan results of locations
- A network inventory summary listing all computing devices examined (Computing device configurations and installed software details)
- A topology detailing WAN/LAN connectivity and critical networking components
Candidate may be responsible for, among other tasks, reviewing and coordinating the implementation of DoD policies and procedures concerning Information Assurance. Candidate will be actively involved in staying abreast of and informing the client of the current government directives, instructions, guidance or policies regarding or impacting Information Assurance.
Excellent communication and presentation skills required.
- Active Secret security clearance (or ability to be granted an interim Secret clearance)
- Achievement of Security+ certification mandatory within 90 days of start
- Achievement of ITILv3 certification mandatory within 90 days of start
- 2+ Years IT or Computer Network Defense (CND) enterprise network experience
- Experience with Intrusion Prevention System, Intrusion Detection System, Host Intrusion Prevention/Detection
- Experience with Vulnerability Assessment, Patching, Remediation
- Shift flexibility mandatory
- MCSE or MCITP or Certified Ethical Hacker (CEH) certification
- Experience with MS System Center Configuration Manager (SCCM)
- Familiarity with Vulnerability Life-Cycle Management (VLMS)
- Host Based Security System (HBSS)
- Scanning tools such as eEye Retina, Nessus, Acunetix
- Forensic tools such as EnCase
- Experience with Host Based IDS (HIDS)
- Experience with ePolicy Orchestrator (HBSS)
- Experience with Checkpoint, Sidewinder, PIX firewall
- Experience with Virtual Private Network solutions
- Experience with Network Access Control (NAC)
- Experience with Remedy Trouble Ticketing System for Incident tracking
- Experience with Anti-Virus/Anti-Malware systems
Current TS/SCI security clearance