Title: SOUTHCOM Program: Computer Sys Security Analyst 4
Category: Information Systems
Location: Miami, FL / USA | Sector: Information Systems
Posting ID: IT/086927
Description:
Northrop Grumman Information Systems sector is seeking a Computer Systems Security Analyst 4 to join our team of qualified, diverse individuals. This position will be located in Miami, Florida.
Transforming the future of technology… The qualified applicant will become part of Northrop Grumman's Team supporting the Army Signal Activity - Southern Command's (SOUTHCOM's) mission, which is to plan, engineer, install, operate, maintain, and protect all information technology and information management (IT/IM) systems to enable operations for the USSOUTHCOM HQ and its joint, interagency, combined, and tenant elements in Miami, Florida, and selected continental United States sites with a staff of approximately 3,000 (4,000 by the year 2011). Northrop Grumman will provide engineers, technicians, software developers, and specialists on-site and on-call to administer ASA-SOUTHCOM's IT/IM systems and networks and to provide support, such as user services, installation and upgrade services, information assurance, logistics and supply support, hardware and software support, help desk services, video teleconferencing (VTC) support, conference room support, tech control facility support, and training support.
Northrop Grumman is assembling a team contingent upon winning the ASA SOUTHCOM procurement, but apply today; preferred positions will be filled quickly.
Roles and Responsibilities:
* Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. May prepare security reports to regulatory agencies.
* The candidate will administer, maintain, configure, and service IT/IM systems installed in support of ASA SOUTHCOM. The services in support of ASA-SOUTHCOM are as follows:
* Support antivirus software updates and apply the definitions to the network servers and workstations.
* Support security incident reporting on all network computer security incidents and spillages.
* Review and support all incoming information technology requests (ITR).
* Support vulnerability assessments in accordance with authority directives; perform information assurance vulnerability alert (IAVA) compliance scans against the servers and workstations on both the SIPRNET and NIPRNET networks; scan the networks to perform vulnerability assessments; and install the latest releases and updates for the Retina client software or appropriate scanning tools.
* Reply to and take action on all JTF-GNO communications tasking orders (CTO) that require ASA-SOUTHCOM input.
* Review and store the systems, security, and application event logs from servers. Review and store network event logs.
* Provide patch management support; maintain the networks' security posture by implementing and managing the Information Assurance Vulnerability Management (IAVM) process, complying with CERT, S-TNOSC, NETCOM/Continental United States (C)-TNOSC, JTF-GNO, DISA, and National Security Agency (NSA) directives.
* Support the Information Assurance Manager (IAM): Implement security policies and procedures for the overall security management of Automated Information Systems (AISs). Oversee the entire security program and ensure the security plan is adhered to. Oversee the Information Assurance Program and ensure the security posture of the HQ's network is maintained to the highest standards. Coordinate with the System Administrators concerning AIS security issues. Maintain security procedures for all AISs and networks, in accordance with SC Regulation 1001 and local operating instructions. Responsible for ensuring all System Administrators (SA) and security staff are appointed in writing. Review the audit logs with the SAs for anomalies. Administer all AIS security matters for the command. Conduct and document risk and self-assessments at least annually. Prepare and maintain plans, instructions, guidance and Standard Operating Procedures (SOPs) regarding the security of automated operations and distribute to system users.
* Oversee the implementation of appropriate countermeasures. Implement and oversee the implementation of the Security Awareness, Training and Education (SATE) Program. Ensure System Administrators evaluate, report, and document all security problems and vulnerabilities discovered. Prepare and maintain all System Security Authorization Agreements (SSAAs) and ensure all suspenses are met.
* Implement and manage a wide range of network security systems, to include firewalls, intrusion prevention systems (IPS), mail filters, vulnerability management system (VMS), Host Based Security System (HBSS), intrusion detection systems (IDS), RETINA scanning software, Anomaly Detection System (ADS), Retina Enterprise Management (REM), and the information assurance management systems (IAMS).
* Support firewall administration; build, configure, implement, and monitor the SIPRNET and NIPRNET network firewalls; configure the rules; and monitor and troubleshoot the network traffic traversing the firewall. The candidate will provide Tier III support to USSOUTHCOM HQ's users and AOR units; and correlate firewall logs with Joint Task Force - Global Network Operations (JTF-GNO) event category reports.
* Support IPS (network and servers). Monitor server performance and ensure all application services are running; maintain and back up the IPS SQL database; correlate the IPS output with the firewall and server logs to determine if any intrusion has occurred; review the server sensor output to the IPS console for suspicious activity on the servers and take appropriate action in accordance with regulatory guidelines; maintain the network keys; and configure the IPS security policy for network sensor and/or server sensors to monitor malicious activity reported by the JTF-GNO and the R-CERT.
* Support Web content filters, and monitor and control access to prohibited Web sites in accordance with regulatory guidance.
* Support email filter administration; validate emails sent to the spam mailbox and forward official blocked emails to the customer; and monitor the filtered emails in the mail repository to eradicate spam emails.
* Support antivirus software updates; manage the antivirus software by monitoring the CERT Web site at least three times a day for newly released definition updates and applying the definitions to the network servers and workstations.
* Monitor the workstations for Spyware and Adware using Spyware and Adware tools and applications.
* Support security incident reporting; collect and gather information pertaining to network computer security incidents and spillages; and create the initial, follow-up, and final report pertaining to each incident. The candidate will brief the ASA security manager and forward the report to the GTL.
* Review and update the system password logs and notify system administrators of any changes required.
* Support the following software and any additional software that may be added or changed:
  * Symantec Mail Security
  * IronMail Spam Filter
  * Cyber-Guard Firewall
  * Symantec Antivirus
  * DISA Gold Disk utility
  * Retina Scans MS Windows 2000/2003
  * Site Protector
  * Real Secure
  * McAfee
* Support the following hardware platforms and any additional hardware platforms that may be added or changed:
  * DELL Blades servers: IPS
  * DELL server: SNORT IDS site protector
  * CyberGuard: firewall appliance
  * DELL server: Real Secure
  * Iron Mail: filter appliance
  * DELL server: site protector
  * DELL server: Retina scans
* The candidate will control and maintain 100 percent accountability of all visitors, escort badges and ASA technical badges at the ASA-SOUTHCOM main office (MDFR building). The candidate will ensure all visitors sign the required documentation prior to entering the ASA-SOUTHCOM main office. The candidate will ensure that all wireless devices are turned off and left at the receptionist's desk prior to entering the ASA-SOUTHCOM main office. The candidate will be responsible for fingerprinting all candidates as needed by the contracting facility security office (FSO). The candidate will ensure the front and exit entrance door is secure at times.
* The candidate may be required to travel CONUS (any state in USA) and OCONUS (any country in Central and South America and the Caribbean) to accomplish the tasks contained in this TO.
Minimum Qualifications:
To be considered for this position, you must minimally meet the knowledge, skills, and abilities listed below:
* Bachelor's
* 9 Years' Experience, or 7 Years' Experience with Master's
* The candidate will obtain certification compliance IAW DoD 8570.01-M Information Assurance Workforce Improvement Program and meet the minimum requirements within six months of the task order award.
* Position requires a current TS/SCI (SI/TK)
Preferred Qualifications:
Candidates with these desired skills will be given preferential consideration:
* Bachelor's Degree and 9 Years of Information Assurance Experience
This position is contingent upon contract award, budget, and/or customer approval.
For a listing of all Northrop Grumman open positions, please visit our website at www.careers.northropgrumman.com
MULTIPLE POSITIONS. Security Clearance Required.