NETWORK & SYS SECURITY ENG

Responsible for network and security controls design review implementation and troubleshooting of IT security systems including hardware software and appliances.

Duties and Responsibilities:


Responsible for overall review and monitoring of the security for IT security enterprise wide.

Responds to incidents that may impact enterprise security. Works to identify risk elements, and offers solutions to mitigate that risk.

Researches IT security software and hardware solutions, and determines technical applicability to the NEXCOM enterprise.

Configures, maintains, and manages all IT security related devices including Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Firewalls, Proxy Servers, STFP servers, etc.

Manage, monitor, and identify risk for all NEXCOM Internet, Intranet, and Extranet activities. Identify security exposures that may currently exist or may pose a potential future threat to the NEXCOM enterprise.

Configure and maintain both the internal/trusted network and service network security standards and polices.

Provides monitoring and analysis on the output of security devices, including logs, application output, etc. and providing reporting to all levels within the command on risk identification and assessment.

Establish appropriate firewall and proxy server policies, both inbound and outbound.

Acts as a member of the Incident Response Team, identifying the threat, and taking the proper steps to correct the problem.

Complies with DoD, DoN, NAVSUP, PCI, NEXCOM and industry best security practices, standards, and policy directives.

Stays current on security threats, mitigation, and technology, and provides recommendations to all levels of the Information Systems department.

Ensure/implement the rigorous application of Information Security/Information Assurance policies, principles, and practices in the delivery of Systems, Applications and/or Services (Hardware & Software).

Perfoms other duties as assigned.

IAT2 jobs:
SECNAV M 5239.2 DoN, Information Assurance (IA) Workforce Manual requires that all incumbents of this position possess, and maintain current, two types of certifications as follows:
IA Certification: One of the following certifications: Security , GIAC Security Essentials Certification (GSEC), Security Certified Network Professional (SCNP), Systems Security Certified Practitioner (SSCP); or any one of the following higher level certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), GIAC Security Expert (GSE), Security Certified Network Architect (SCNA).
NEXCOM preferred certification is Security Certified Network Professional (SCNP).

Technical Certification: Palo Alto Accredited Configuration Engineer (ACE). Certification must be valid (not expired) as defined by the policy of the certification issuer.
Candidates without the required certification may be placed into this job, but must obtain the required certification within 6 months of appointment; failure to obtain the proper certification requirement will result in termination of employment.

This position is designated IT 1 (Critical Sensitive) in accordance with SECNAV M 5510.30 and will require a favorable Single Scope Background Investigation (SSBI).

Candidates must be eligible for and obtain a Secret Clearance, within 6 months of appointment. Failure to obtain will result in termination.


GENERAL EXPERIENCE: 3 years experience in administrative, technical work, which demonstrated the ability and aptitudes, required to perform technical, managerial, or analytical work and coordination involving management information systems.

OR

SUBSTITUTION OF EXPERIENCE FOR EDUCATION: One year of related academic study above the high school level may be substituted for 9 months of experience up to a maximum of a 4 year bachelor's degree in a Software Engineering or business Information Systems discipline for 3 years general experience.

AND

SPECIALIZED EXPERIENCE: Minimum of 3 years progressive experience in the following:

>Internet/Intranet security analysis including the identification and mitigation of risk to a enterprise network.
>Administration and support of enterprise Information Technologies (IT) security devices including Firewalls, Proxy Servers, Intrusion Detection and Intrusion Prevention devices.
>Determining, reviewing, and/or implementing security policies in an enterprise network.
>Experience in supporting a multi site, enterprise environment, in a diverse, world wide geographic area.

IAT2 jobs:
SECNAV M 5239.2 DoN, Information Assurance (IA) Workforce Manual requires that all incumbents of this position possess, and maintain current, two types of certifications as follows:
IA Certification: One of the following certifications: Security , GIAC Security Essentials Certification (GSEC), Security Certified Network Professional (SCNP), Systems Security Certified Practitioner (SSCP); or any one of the following higher level certifications: Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), GIAC Security Expert (GSE), Security Certified Network Architect (SCNA).
NEXCOM preferred certification is Security Certified Network Professional (SCNP)
Technical Certification: Palo Alto Accredited Configuration Engineer (ACE). Certification must be valid (not expired) as defined by the policy of the certification issuer.
Candidates without the required certification may be placed into this job, but must obtain the required certification within 6 months of appointment; failure to obtain the proper certification requirement will result in termination of employment.

This position is designated IT 1 (Critical Sensitive) in accordance with SECNAV M 5510.30 and will require a favorable Single Scope Background Investigation (SSBI).

Candidates must be eligible for and obtain a Secret Clearance, within 6 months of appointment. Failure to obtain will result in termination.