Cyber Security Evaluator III

About The Position

Requirements

• 5+ years experience in cyber security.
• Bachelor’s degree in a related field. Additional years of experience may be substituted for degree requirements.
• Must be Security+ certified.
• Must be Network+ or CCNA certified.
• Must hold the ITIL v3 or v4 Foundations certification or be able to obtain the certification within 60 days of hire.
• Must have firewall experience.
• Experience with intrusion detection and vulnerability assessments.
• Networking experience including routers, switches, and firewalls.
• Must be detail oriented and possess the ability to work in a multi-disciplined environment with an adaptive personality.
• Strong analytical and communication skills.
• Must be a team player able to work professionally and collaboratively with the government customer and other contract members of the project team.
• Must be able to provide support in a 24/7/365 environment including occasionally covering shifts outside of the assigned shift and/or providing after hours, weekend, or holiday support as needed on a rotational basis.
• Must be able to travel to CONUS sites to provide TDY support.
• Must be a US citizen and hold a current Top Secret clearance with SCI access (TS/SCI).
• Applicants selected will be subject to a U.S. government security investigation and must meet eligibility requirements for access to classified information.

Responsibilities

• Apply system security engineering principles to provide realistic a Network Health validation designed to enhance the AFCENT security posture.
• Execute and assist in shaping policy in line with RMF regulations.
• Adhering to standard physical security, information security and information assurance policies under the Cyber Readiness-365 engineering procedures and processes.
• Support auditing effort for all of AFCENT’s mission-based enclaves and systems, as well as implementation of technical controls and ongoing vulnerability management processes (i.e., STIG, IAVA/IAVM, etc.).
• Support Command Cyber Readiness Inspection preparations, to include mock audits, data collection and reporting, Score Card updates, Plan of Actions and Milestones (POA&M) updates, routine assessment reports and assisting OEM Remediation Team.
• Evaluate different network and enclave configurations with respect to the NIST 800-53 Security Controls and formulate and execute effective auditing and incident response programs.
• Support the RMF C&A process, maintenance, POA&M development and maintenance, authoring RMF Policy/Procedures, and similar activities.
• Track, document, and report all security related events, including, but not limited to, Discharge of Classified Information and Cross Domain Violations IAW USCENTCOM/AFCENT policy.
• Coordinate and track Information Assurance Vulnerabilities Alerts (IAVA).
• Review and report AFCENT compliance to USCENTCOM and develop Plans, Objectives, Actions and POA&M if unable to complete task.
• Produce written reports defining each inspection/evaluation to include, processes, procedures, findings, and recommendation.