Virtual Inertia is currently seeking a Network Security Specialist to join our team in Aberdeen Proving Ground, MD, on a program that will provide you the professional development and growth you've been seeking. This position is both onsite and remote. VIC provides information security, enterprise architecture, software development and health IT solutions to federal government customers. Our employees embrace innovation and are committed to a culture of continuous, standards-driven process improvement and assimilation of industry best practices. We are seeking a Network Security Specialist to support the High-Performance Computing Modernization Program (HPCMP) Integrated Technical Service (Restricted) (HITS-R) contract with the DoD.
- Provide support to HPCMP's Defense Research Engineering Network (DREN) Infrastructure Information System Security Manager (ISSM) in meeting their duties and responsibilities.
- Implement and enforce all DoD Information System (IS) and Platform Information Technology (PIT) system cybersecurity policies and procedures, as defined by cybersecurity-related documentation to include the Risk Management Framework (RMF).
- Ensure that all users have the requisite security clearances and access authorization and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systems.
- Coordinate with the DREN ISSM, initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO.
- Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals.
- Support and administer data retention and recovery within the computing environment (CE).
- Participate in the development or modification of the CE Cybersecurity (CS) program plans and requirements IAW with RMF and IAVA Management to include DISA STIGs.
- Develop procedures to ensure system users are aware of their CS responsibilities before granting access to DoD information Systems. Process and review DD-2875s.
- Ensure that CS requirements are integrated into the DREN Continuity of Operations Plan.
- Ensure that CS security requirements are appropriately identified in CE operation procedures.
- Develop security requirements and maintain lists of hardware, software, and services acquisitions specific to the DREN CS program.
- Ensure that IA and IA enabled software, hardware, and firmware comply with appropriate security configuration guidelines, policies, and procedures.
- Create and review site security plans (SSP).
- Prepare for Assess and Authorize (A&A) and Cybersecurity Assessment (CSA) inspections and ensure that CS inspections, tests, and reviews are coordinated.
- Prepare and maintain artifacts for the Assess and Authorize (A&A), Authority to Connect (ATC), Assess Only (AO) and Cybersecurity Assessment (CSA) inspections and ensure that CS inspections, tests, and reviews are implemented.
- Evaluate the presence and adequacy of security measures proposed or provided in response to requirements contained in HPCMP program documents.
- Advise the Authorizing Official/Authorizing Official Designated Representative of any changes affecting the enclave's CS risk level and security posture.
- Ensure IAT Levels I - III, IAM Levels I and II, and anyone with privileged access performing IA functions receive the necessary initial and sustaining IA training and certification(s) to carry out their IA duties. Ensure that the Program's supported users receive initial and annual IA Awareness training by verifying completion in ATCTS.
- Prepare/oversee the preparation of CS assess and authorization or assess only documentation.
- Ensure information ownership responsibilities are established for each DoD IS and implement a role-based access control schema.
- Maintain POA&M vulnerabilities and evaluate cost benefit, economic and risk analyses.
- Document recommendations for the AODR/AO that identify the impact on levels of risk and/or overall effectiveness of the enclave's CS program.
- Analyze identified security strategies and recommend the best approach for the enclave.
- Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
- Monitor and evaluate the effectiveness of the enclaves' CS security procedures and safeguards to ensure they provide the intended level of protection.
- Ensure that implementation and verification of compliance with HPCMP's policies for reporting of security violations and incidents to the HPCMP's Cybersecurity Service Provider (CSSP).
- Evaluate and approve development efforts consistent with the Interim Authority to Test (IATT) process to ensure that baseline security safeguards are appropriately installed and mitigated.
- Provide Cybersecurity and privacy analysis and consulting throughout the security assessment and compliance life cycle process.
- Maintain responsibility for the planning and continuous monitoring of Cybersecurity and privacy policies, programs, compliance artifacts, or standards for government and industry security compliance and systems accreditation and management.
- Serve as an expert authority for the respective network security activities, including assessments, documentation development/sustainment, and policy implementation
- Provide technical information and coordinate work efforts to influence and persuade staff to accept and implement findings and recommendations.
- Develop the documentation, validation, and accreditation processes necessary to ensure network architectures meet security and privacy requirements.
- Develop contingency plans (Disaster Recovery or Business Continuation Plans for information technology systems) to ensure availability and accessibility of network
- Review and evaluate security incident response policies, identify the need for changes based on new security technologies or threats, test and implement new policies and establish measures to ensure awareness and compliance.
- Recommend network security requirements resulting from new Public Law, Presidential directive, or other external mandate, integrate security programs across business units and organizations, and define the scope and level of detail for security plans and policies.
- Communicate complex technical requirements to nontechnical personnel, prepare and present briefings to senior management officials on complex/controversial network security issues.
- Protect network devices by defining access privileges, control structures, and resources.
- Recognize problems by identifying abnormalities and reporting violations.
- Recommend network security improvements by assessing current situation; evaluating trends; and anticipating future requirements.
- Understand technical network security controls and recommend implementation approaches.
- Complete all requirements and package them to meet requirements for Risk Management Framework to ensure a successful accreditation.
- Bachelor's Degree in Computer Science, Engineering, or similar field from accredited university. (Applicable cybersecurity experience -- minimum of five years may be substituted for a degree)
- At least 5 years of experience supporting Cybersecurity implementation in a DoD network environment as an ISSO, Network Engineer/Specialist, or Systems Administrator.
- DoD 8570 IA Baseline Certification compliance: IAT Level II or IAM Level II (for example Security+, or CISM or CISSP)
- Minimum DoD Secret Clearance: (SSBI/T5 Investigation completed Preferred for privileged access).
- Exceptional communication skills, oral and written.
- Experience and proficiency with eMass and RMF.
- Proficient with Microsoft Office applications (Word, Excel, PowerPoint, Visio).
- Working knowledge and understanding of Networks, network terminology, and network equipment (routers, switches, etc.). Networking certificate highly desired.
- Excellent critical thinking and problem-solving skills.
**COVID-19 Vaccination Requirement Statement
The COVID-19 vaccination requirement in Executive Order 14042 and FAR 52.223-99 is currently not effective. But please note that if those or other related requirements become effective, positions will require successful candidates to obtain and show proof of COVID-19 vaccination(s). VIC is an equal opportunity employer and will provide reasonable accommodation to those individuals who are unable to be vaccinated consistent with federal, state, and local law.
Virtual Inertia is an Equal Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, gender, color, age, sexual orientation, gender identification, national origin, religion, marital status, ancestry, citizenship, disability, protected veteran status, or any other factor prohibited by applicable law.
Job Type: Full-time
Pay: $46,842.00 - $159,171.00 per year
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Vision insurance
- 8 hour shift
- Bachelor's (Preferred)
- cybersecurity implementation in a DoD network environment: 5 years (Required)
- eMass and RMF: 5 years (Required)
- DoD 8570 IA Baseline Certification (Required)
- Secret (Required)
Work Location: One location