Enterprise Information Services, Inc.

  • Lead Cyber Defense Assessment Analyst

    Job Location: KR | KR-27
    ID: 2018-3653
    # of Openings: 1
    Targeted Job Start Date: 1/3/2019
  • Overview

    This project will provide defensive cyberspace operations (DCO) support to the Defensive Cyberspace Operations Division (DCOD), US Army Regional Cyber Center-Korea. The DCOD environment includes any hardware, software, application, tool, system, or network used by the Government, whether developed, leased, or commercially purchased.

    Work shall include current and new systems at various lifecycle stages, and any future applications/systems not currently identified. DCO services are required to defend against unauthorized activity on all Army assets residing on the NIPRNet and SIPRNet. This includes activities from external hackers who may attempt to gain unauthorized access, insider-threat attempts at unauthorized access, and policy violations that may impact network security and operations. The Contractor shall be required to continue performance during peacetime, crisis, hostilities, and war operations.

    Responsibilities

    • Ability to recognize a cyber security incident, taking appropriate action to report the incident and preserve evidence, mitigating any adverse impact, and devising defensive measures.
    • Develop and implement access control lists on routers, firewalls, and other network devices.
    • Identify vulnerabilities resulting from a departure from an implementation plan or that were not apparent during testing.
    • Install and maintain perimeter defense systems including intrusion detection systems, firewalls, grid sensors, etc., and enhance rule sets to block sources of malicious traffic.
    • Implement and monitor IA safeguards for systems in accordance with implementation plans.
    • Comply with system termination procedures and incident reporting requirements related to potential CE security incidents or actual breaches.
    • Identify and/or determine whether a security incident is indicative of a violation of law that requires specific legal action.
    • Monitor and evaluate the effectiveness of enclave IA security procedures and safeguards.
    • Examine enclave vulnerabilities and determine actions to mitigate them.
    • Support the design and execution of security exercises.
    • Conduct tests of network devices and IA safeguards in accordance with established test plans and procedures to ensure compliance with security policies, procedures, and requirements.
    • Research, evaluate, and provide feedback on problematic IA trends and patterns in customer support requirements.
    • Direct and/or implement operational structures and processes to ensure an effective enclave IA security program including boundary defense, incident detection and response, and key management.

    Qualifications

    Clearance and Certifications

    • Top Secret security clearance
    • DoD IAT Level III - CASP CE, CCNP Security, CISA, CISSP (or Associate), GCED, or GCIH

    Any of the following:

    Additional Qualifications                                   

    • At least 7 years of experience in Information Assurance technology or a related area.
    • Extensive experience in being able to recognize a cyber security incident, taking appropriate action to report the incident and preserve evidence, mitigating any adverse impact, and devising defensive measures.
    • Experience in development and implementation of access control lists on routers, firewalls, and other network devices.
    • Experience in identification of vulnerabilities resulting from a departure from an implementation plan or that were not apparent during testing.
    • Experience in installation and maintenance of perimeter defense systems including intrusion detection systems, firewalls, grid sensors, etc., and enhancing rule sets to block sources of malicious traffic.
    • Experience in implementing and monitoring IA safeguards for systems in accordance with implementation plans.
    • Experience in complying with system termination procedures and incident reporting requirements related to potential security incidents or actual breaches.
    • Experience in identifying and/or determining whether a security incident is indicative of a violation of law that requires specific legal action.
    • Experience in monitoring and evaluating the effectiveness of enclave IA security procedures and safeguards.
    • Experience in examining enclave vulnerabilities and determining actions to mitigate them.
    • Experience in supporting the design and execution of security exercises.
    • Extensive experience in conducting tests of network devices and IA safeguards in accordance with established test plans and procedures to ensure compliance with security policies, procedures, and requirements.
    • Experience in researching, evaluating, and providing feedback on problematic IA trends and patterns in customer support requirements.
    • Ability, knowledge, experience, certifications, and skills to perform those requirements at contract start date.
    • ITIL Foundations certification (within three months of contract start date or hiring date)
    • All DCO analysts shall have specialized experience in Information Technology (IT) defense infrastructure (Sensors, Vulnerability Scanners, Firewalls, etc.) and a working knowledge of wireless technology and Army operating systems (OS) (i.e. Windows, Apple, and UNIX).
    • 7 years of experience in Cyber Intrusion Analysis
    • Experience working independently to solve problems quickly and completely.
    • Experience leading the work of others.

    EIS is an Equal Opportunity Employer/M/F/V/Disabled.
