Cyber Security Officer
Salary: $60,557 – $141,555
Conduct all aspects of Information Assurance of Agency systems to include:
-
Provide Defense in Depth principles and technology in security engineering designs and implementation
-
Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
-
Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis
-
Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
-
Engineer and deploy network defense countermeasures such as anti-virus, anti-spam, and intrusion detection and prevention system solutions
-
Analyze IA security events, including threat model development and resulting security risk analysis of systems
-
Review and assess information security events and logs via sophisticated security information/event manager
-
Assess and mitigate system security threats/risks throughout the program life cycle
-
Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures
-
Maintain Agency public key infrastructure system Implement security designs in hardware, software, data and procedures
-
Perform vulnerability assessments and penetration testing
-
Conduct certification and accreditation planning and testing
Minimum qualifications:
Candidates should have a bachelor's degree from an accredited college or university with a curriculum in information assurance, computer science, mathematics, computer engineering or other technical field, or the equivalent verifiable work experience. Candidates should also possess:
-
One (1) year of associated in-depth IA class work or relevant IA work experience.
-
Excellent oral and written communications skills
-
Strong commitment to continuous learning
-
Ability to work in a team environment and the ability to listen well and work with others.
Desired qualifications:
-
A track record of progressively responsible information assurance experience in one or more of the following information security areas: ICD 503 (DCID 6/3) certification and accreditation, IA system evaluations, system security penetration testing, and IA security operations/network monitoring, Intrusion Detection Systems, Intrusion Prevention Systems, Security Information Management/Security Event Management, network mapping, vulnerability scanners, firewalls, routers and other security tools
-
Working knowledge of public key infrastructure and encryption systems
-
Experience working on an information security incident response team
-
Certified Information Systems Security Professional (CISSP).
