U.S. Citizenship is required.
* Provides technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation.
* Responsible for designing and implementing solutions for protecting the confidentiality, integrity and availability of sensitive information.
* Provides technical evaluations of customer systems and assists with making security improvements.
* Participates in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimizing operations impact to customer organization.
* Conducts security product evaluations, and recommends products, technologies and upgrades to improve the customer's security posture.
* Conducts testing and audit log reviews to evaluate the effectiveness of current security measures.
* Eight (8) years of general cyber security experience. Experience must include familiarity with applicable NIST information security documentation; i.e., Special Publication 800 series. Experience must have occurred within the past three (3) years.
* Six (6) years of specialized experience in National Institute of Standards (NIST) IT Security standards and possess at least one of the following industry recognized security certifications: Certified Information System Security Professional (CISSP) or Certification Information System Auditor (CISA), or a Global Information Assurance Certification (GIAC) in one of the five disciplines (Security Administration, Security Management, Forensics, IT Audit or Software Security). Three (3) years of this functional experience must have included securing and evaluating information management systems, security design; development, test and evaluation tasks and duties specified in SOW and must have occurred in the last five (5) years.
* Combined five (5) years working experience in the disciplines of: Web security server vulnerability assessments, Network auditing, Network traffic/packet analysis, Hands-on work experience with web server administration (Apache, IIS)
* Hands-on work experience with at least three of the following: .Net, PHP, Active Directory, DNS, Nessus or Foundstone, CSAM or other SSP tracking tool, Content Filtering, Anti-virus, White-listing software
Must Have Certifications:
Certified Information System Security Professional (CISSP) or Certification Information System Auditor (CISA), or a Global Information Assurance Certification (GIAC) in one of the five disciplines (Security Administration, Security Management, Forensics, IT Audit or Software Security).