AMERICAN SYSTEMS is seeking an Information Security Engineer/Analyst. The Information Security Engineers/Analysts will ensure that 26 NOS maintains a secure environment across the AF portion of the DODIN. They will provide a Cyber Security architecture that delivers confidentiality, integrity, availability, authenticity and non-repudiation using an appropriate mixture of commercial and government developed tools. Provide services and solutions to use the Cyber Security architecture to protect information consumed and generated by mission services, delivering these services at a level commensurate with the information assets being protected. Implement and conduct IA operations such as, but not limited to, identity management, identity authentication, threat analyses and certification and accreditation. Information Security Engineers / Analysts monitor 26 NOS information system activity; collect, review, and retain audit logs to include system logs and records and determine actions to be taken when discrepancies are detected. Collect and review audit data of 26 NOS network activity to support technical analysis relating to misuse, penetration reconstruction, or other security investigations. Investigate and report actual or suspected information systems security incidents, events, or violations and report to the cybersecurity manager. Perform analyses to validate established security processes and recommend additional security steps to ensure compliance with applicable DOD IA requirements and baseline IA controls. Conduct network security vulnerability assessments using AF provided scanning tools and liaison with network administrators to correct identified problems. Review Information Assurance Vulnerability Alerts (IAVA) for applicability and impact to the range networks. Ensure that all systems are patched and report compliance or problems in achieving compliance to the cybersecurity manager. Must be familiar with DISA Applications Security Technical Implementation Guides (STIGs); evaluate information systems for compliance with these STIGs and review measures needed to bring systems into compliance. Ensure new information systems are configured in accordance with current DISA STIGs and DoD/DAF Directives. Verify all automated and manual vulnerability scans are documented, scheduled and are being completed. React to and report actual or suspected events to the cybersecurity manager. Assist in evaluation of Information Systems for compliance with Government statutes, DoD 8500.2 IA and/or NIST 800‑53 Controls, and other appropriate AF policies and regulations. Assist in the documentation, review, and assessment of RMF packages including System Identification Profiles, RMF Implementation Plans, Scorecards, POAMs, DIACAP Artifacts, and IA (Information Assurance) Controls. Update/maintain POAMs in order to track the resolution of vulnerabilities identified on systems and not closed by other means. Ensure IA requirements are identified and included in the design, acquisition, installation, operation, upgrade, or replacement of all 26 NOS monitored capabilities.
AMERICAN SYSTEMS is one of the top 100 employee owned companies in the United States. Employer Ownership means, that at AMERICAN SYSTEMS, we treat each other with respect. Every member of our team has a vested interest and benefits from MISSION SUCCESS. We all have the same goals particularly in service to our nations War Fighters; providing, team-focused, mission-essential support in challenging environments. Being truly effective means pushing beyond basic requirements. We build skilled and committed teams of experts. We conduct our work with a sense of purpose; loyal to the mission, our clients, each other and to the long-term success of the company.
Must have experience with network administration, configuration and troubleshooting actions on a variety of commercial devices, including a working knowledge of Cisco, F5, Palo Alto, Blue Coat Systems and other network and computer components.
Must be able to work in a dynamic environment and effectively interact with various military/civilian personnel plus industry partners.
BS in Computer Science, or Cybersecurity, four years of experience can be used in place of a BS degree.
IAT Level II Certification (Security+ or Network+)
Experience with eMASS required for all Senior and Mid‑level billets.
10 Years’ experience performing network security support.
CISSP required for at least 2 billets.
HBSS Analyst required for at least 2 billets
BCCPP required for at least 1 billet
F5‑CTS required for at least 1 billet
RCSP desired for at least 1 billet
Splunk Certified Architect desired for at least 1 billet
GPPA desired for at least 1 billet