America's Job ExchangeAJE

Location: Annapolis Junction, Maryland. Active Secret Clearance required, Interim Secret at Min. Hours, days and salary to be arranged. Intermediate Networking with WIndows, Unix (AIX) based integrated systems, Antrvirus and IDS/Firewall experience (1-2 years). Solid written and verbal communication experience is required. Must be able to provide clear and concise verbal and written communications to include compiling, writing and providing input to reports and presentations. Successful candidates should be familiar with certification and accreditation processes in general; experience with the NIST 800 series of documents would be advantageous. Provide IT security consulting to ISSO and Systems Owners based on the following guidelines but not limited to NIST,ISMA, DHS, NSA and other security guidelines. Writing/assisting C&A and SSP document for TSA assessment team with ISSO. Providing assistance in the following areas of security; incident reports, equipment/software inventories, operating instructions, physical security, administrative security, technical vulnerability reports, and contingency plans. Perform log analysis of networks including Windows Event Logs, Unix AIX logs, and DB2. Should possess experience doing Network, Web and Database security scanning. Should have operational experience with automated vulnerability assessment tools including, but not limited to, ISS, Nessus, AppDeterctive, Webnspect, MBSA, Hailstorm, etc. Working knowledge of common commercial and/or open source vulnerability assessment tools and techniques used for evaluating operating systems, networking devices, databases and web servers. Implementation, daily operation and administration of anti-virus, security patches and patch management. Write drafts of memos and other official communications pertaining to the operation of the TTAC for the System Owner to review. Conducts routine hardware and software audits of workstations and servers to ensure compliance with established standards, polices, and configuration guidelines. Maintains a comprehensive operating system hardware and software configuration database/library of all supporting documentation. Work with ISSO to create a process to ensure that all administrator password are changed every 90 days. Review operating systems and applications to determine compliance with TSA Security Password Policies. Document those systems that do not comply. Ensure that inactive user IDs are disabled after a specified period of time. Provide weekly audit reports to ISSO after initial review. Weekly audit reporting should include: UserID creation/modification/deletion, operating system access logs, WIndows access logs, etc. SSI compliance. Verify all badges are up to date in the security system and are operational per the security plans. Manage staff access to a secure facility. Reviews information systems and physical security environments to include all aspects of physical, technical and administrative s security issues, preparing updates for environment for approval and implementation. Perform periodic facility walked through to check for SSI compliance. Log and report SSI violations to ISSO. Perform periodic facility walk through to check for information security compliance (e.g. lock workstation while not at desk, ensure that cabinets and drawers are properly locked, sensitive materials are locked when not at desk, etc.). Perform periodic government-issued USB device registration review and confirm that personnel have the government -issued USB device in their possession. Perform periodic facility walk through to check for Registered Devices policy compliance. Log and report violations to ISSO. Bachelors Degree on either: Criminal Justice, Management, Military Science, Political Science , Security Management. Excellent verbal/written communication, strong interpersonal, time management, network and manage office workflow effectively, team building skills, attention to detail, strong grammar.