This job description summarizes the main duties of the job. It neither prescribes nor restricts the exact tasks that may be assigned to carry out these duties. This document should not be construed in any way to represent a contract of employment. Management reserves the right to review and revise this document at any time.
With a wide range of knowledge, performs independent assessment of the information security posture of an organization using applicable tools. Assesses information network threats such as computer viruses. Operates vulnerability assessment equipment in support of penetration analyses. Provides guidance to less experienced information security professionals. Prepares evaluation reports. Recommends remedial action.
DUTIES AND RESPONSIBILITIES:
Provide support to plan, coordinate, and implement the organization's information security. Provide support for facilitating and helping agencies identify their current security infrastructure and define future programs, design and implementation of security related to IT systems.
Monitors security systems, and analyzes potential threats and vulnerabilities to client systems.
Develops new computer and network security systems, including both hardware and software.
Coordinates technical incident response and remediation activities for client environments.
Provides security analysis and consultation services for product, system and network architecture designs.
Develops tools for operational use and analyzes current threats to information security and systems.
Analyzes network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.
Launches and tracks investigations to resolution.
Composes and sends alert notifications.
Analyzes security findings and data.
Publishes reports and keeps metrics for client systems.
Identifies trends and root causes of system failures or vulnerabilities.
Maintains vendor and trusted partner relationships.
Ensures that the Information Systems Security departments policies, procedures, and practices as well as other systems user groups are in compliance.
Ensures that the physical environment of the computers and their terminals are properly secured.
Experience in several of the following areas is required: understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current Internet/EC technology. Ability to serve as Information System Security Officer (ISSO).
EDUCATION & EXPERIENCE:
Typically requires a bachelors degree in engineering, computer science or related discipline (or equivalent such as certifications in systems administration or network security) and five to seven years of related experience.
Must possess TS/SCI security clearance with FS polygraph.
Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.
- Clearance : Top Secret with Life Style Poly clearance, currently active