Job Title:  CND Specialist (ACAS)
Work Location: Miami, FL
Position Type: Full Time
Availability: Immediate

Clearance Level:  Secret with the ability to obtain Top Secret/SCI

 Job Description:

The candidate shall provide a variety of services conducive to the effective management and tracking of downward directed Task Orders (TASKORDs), Operations Orders (OPORDS), Information Assurance Vulnerabilities (IAVA) and/or IA Vulnerability Bulletins (IAVB) and other notices disseminated by diverse Department of Defense (DOD) agencies.  In addition, the candidate will support USSOUTHCOM’s Tenable Security Center (and associated modules) ensuring the system integrity and availability for all subscribed users while making configuration recommendations to increase the effectiveness of the tool.

 Duties may include but will not be limited to:

  • Investigate and analyze new threats, vulnerabilities, and exploits. This includes documenting and developing countermeasures using the Defense Information Systems Agency (DISA) Assured Compliance Assessment Solution (ACAS)
  • Identify security impacts to the ACAS capability
  • Review and diagnose enclave security practices and use of Vulnerability Management System to define security status
  • Develop Tactics, Techniques, and Procedures (TTPs) for ACAS processes
  • Provide direct support to define system support requirements in order to support the ACAS suite of software tools in support of configuration management and sustainment.
  • Conduct testing of new ACAS technologies and develop documentation to meet suspense dates
  • Determines Enterprise Information Assurance (IA) and security standards
  • Develops and implements IA/security standards and procedures.
  • Coordinates, develops, and evaluates security programs for an organization
  • Recommends IA/security solutions to support customers’ requirements
  • Identifies, reports, and resolves security violations
  • Establishes and satisfies IA and security requirements based upon the analysis of user, policy, regulatory, and resource demands 
  • Supports customers at the highest levels in the development and implementation of doctrine and policies 
  • Applies know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures 
  • Performs analysis, design, and development of security features for system architectures
  • Analyzes and defines security requirements for computer systems which may include mainframes, workstations, and personal computers
  • Designs, develops, engineers, and implements solutions that meet security requirements. 
  • Provides integration and implementation of the computer system security solution 
  • Analyzes general IA-related technical problems and provides basic engineering and technical support in solving these problems
  • Performs vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle 
  • Ensures that all information systems are functional and secure
  • Performs basic vulnerability scans using vendor utility tools. Monitors security audit and intrusion detection system logs for system and network anomalies
  • Investigates and/or escalates security violations, attempts to gain unauthorized access, virus infections that may affect the network or other event affecting security
  • Assists in providing engineering analysis, design and support for firewalls, routers, networks and operating systems
  • Assists in performing product evaluations and recommends products/services for network security
  • Validates and tests basic security architecture and design solutions to produce detailed engineering specifications with recommended vendor techniques
  • Develops, tests and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools
  • Assists in the review and recommends the installation, modification or replacement of hardware or software components and any configuration changes that affect security
  • Assists in providing oversight and enforcement of security directives, orders, standards, plans and procedures at server sites

Additional Technical Skills /Experience Desired:

  • Certified Ethical Hacker/OS Certification, CND-IR
  • Experience working with internet, web, application and network security techniques.
  • Experience working with relevant operating system security
  • Experience working with leading firewall, network scanning and intrusion detection products and authentication technologies
  • Experience working with federal regulations related to information security
  • Experience working with NIST Special Publications and C&A process methodology
  • Strong written and oral communications skills.

Minimum Training/Certification requirements:

 DOD 8570.01-M  -  IAT Level III

  • Baseline Certification
    • Certified Information System Security Professional(CISSP) or
    • CompTIA Advanced Security Practitioner (CASP)
  • Computing Environment
    • Certified Ethical Hacker