IA & SS – Jrny

Short Description: Information Assurance and Security Specialist – Journeyman (IA & SS – Jrny)

 

FT, Hybrid Position - Only DMV-based candidates will be considered

·         As part of the OCFO technology team, the Security Specialist (Infrastructure Group) will be maintaining and monitoring day to day operation of the OCFO IT infrastructure – Security.

·         The IT Consultant will help and performs, monitoring, maintenance, and security IT infrastructure (physical, virtual and cloud).

·         IT consultant will perform OS, security and application upgrades of servers and network to keep them up to date.

·         IT consultant will develop, implements, maintains and enforces documented standards and procedures for the design, development, installation, modification, and documentation of assigned systems.

·         IT consultant will plan, coordinates, and monitors project activities for OCFO Infrastructure group and duties as assigned.

·         Log analysis of Firewall, AD, Switches and other deployed security products Knowledge of vulnerability assessment tools to identify and mitigate issues.

·         Research, analyze, and patch required systems to comply with OCFO compliance mandates.

·         Respond to escalation calls from the Help desk, Desktop support, and other teams to debug and resolve security and perform maintenance.

·         Understands security troubleshooting processes and cooperates with another team.

·         Assists Service Desk technicians as needed with Tier I and Tier II troubleshooting and patching of desktop systems, software (MS Office, Java, Adobe), printer issues, and server related issues as needed. Provides trouble-shooting assistance on production and non-production supported systems.

·         May recommend methods and techniques for obtaining solutions.

·         Initiates preventive maintenance for the technical system.

·         Responsibilities:

·         Determines enterprise information assurance and security standards.

·         Develops and implements information assurance/security standards and procedures.

·         Coordinates, develops, and evaluates security programs for an organization. Recommends information assurance/security solutions to support customers’ requirements.

·         Identifies, reports, and resolves security violations.

·         Establishes and satisfies information assurance and security requirements based upon the analysis of user, policy, regulatory, and resource demands.

·         Supports customers at the highest levels in the development and implementation of doctrine and policies.

·         Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures.

·         Performs analysis, design, and development of security features for system architectures.

·         Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers.

·         Designs, develops, engineers, and implements solutions that meet security requirements.

·         Provides integration and implementation of the computer system security solution.

·         Analyzes general information assurance-related technical problems and provides basic engineering and technical support in solving these problems.

·         Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle.

·         Ensures that all information systems are functional and secure

 

·         6-10 years of experience developing, maintaining, and recommending enhancements to IS policies/requirements (Required)

·         6-10 years of experience performing vulnerability/risk analyses of computer systems/apps (Required)

·         6-10 years of experience identifying, reporting, and resolving security violations (Required)

·         Patching Server 2008 / 2012 /2016 (Required)

·         Patching Desktop Windows 10 / 7 (Required)

·         Firewall management CISCO NGFW (Required)

·         Vulnerability assessment tools Nessus, Tripwire (Desired)

·         VMware 5.5 / 6.0 (Required)

·         Production support (Required)

·         Server and Desktop troubleshooting (Required)

·         NIST 800-53 experience (Desired)

·         Splunk (Desired)

·         Cloud experience (MS Azure) (Desired)

 

          a. Bachelor’s Degree in IT or related field or equivalent experience (Required)

          b. Security , CISSP, other security certifications (Preferred)

•        6-10 years of experience developing, maintaining, and recommending enhancements to IS policies/requirements. Required

•        6-10 years of experience performing vulnerability/risk analyses of computer systems/apps. Required

•        6-10 years of experience identifying, reporting, and resolving security violations. Required

•        Patching Server 2008 / 2012 /2016. Required

•        Patching Desktop Windows 10 / 7. Required

•        Firewall management CISCO NGFW. Required

•        VMware 5.5 / 6.0. Required

•        Production support. Required

•        Server and Desktop troubleshooting. Required

•        Bachelor’s Degree in IT or related field or equivalent experience. Required

•        Security , CISSP, other security certifications. Desired