Apply on Employer Site

Sumaria Systems, LLC · 3 months ago

Information Assurance II (Vulnerability Assessment Analyst – ACAS Security Manager)

Montgomery, AL

Full-time

Onsite

Mid Level

$75K/yr - $80K/yr

3+ years exp

Sumaria Systems, LLC is a Full Lifecycle Engineering and Technical Services company supporting the Warfighter. The Information Assurance II role involves managing and defending the Air Force portion of the Department of Defense Information Network, including vulnerability assessments and incident response activities.

Cyber SecurityInformation ServicesInformation TechnologyLogisticsProject Management

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Measure effectiveness of defense indepth architecture against known vulnerabilities using available tools within organization to find them. Analyze, prioritize, and mitigate vulnerabilities to lower or eliminate risk

Perform/review/validate vulnerability scans to include analysis of results, identification of false positives, exceptions, and subsequent POA&Ms and/or MFRs creation, monitoring and reporting to include POA&M status and contributions to Monthly and Quarterly reports

Collects and reviews data gathered from a variety of tools (including intrusion detection system alerts, firewall, network traffic logs, and host system logs) to analyze events for possible attacks that occur within computing, network, or enclave environments

Validates, investigates, and analyzes all response activities related to cyber incidents. These tasks include but are not limited to: creating and maintaining incident tracking information; planning, coordinating, and directing recovery activities; and incident tracking information; and incidents analysis tasks, including examining all available information and supporting evidence of artifacts related to an incident or event

Performs assessments of systems and networks within the network environment or enclave and identify where those systems and/or networks deviate from acceptable configurations, enclave policy, or local policy

Create reports to effectively communicate to government problems and proposed solutions

Actively manage (inventory, track, and request corrective action) all hardware devices on network that only authorized devices are given access and unauthorized and unmanaged devices are found and prevented from gaining access

Actively manage (inventory, track, and correct) all software on the network so that only authorized software is installed and can execute, and that unauthorized and unmanaged software is found and prevented from installation or execution

Submit tickets to appropriate teams for corrective actions

Other cybersecurity related tasks, as assigned

Qualification

Vulnerability AssessmentCybersecurity Incident ResponseNetwork Security ManagementNESSUSDISA STIGsForescoutSecurity+Analytical SkillsCommunication SkillsTeam Collaboration

Required

High School Diploma or GED

DoDD 8140 IAT-II

DISA ACAS Supervisor and Operator Course

DISA Forescout Comply to Connect (C2C) Certified Administrator Training (FSCA)

Security + or CEH

3+ years of experience in utilizing security relevant tools to include: NESSUS, ACAS, DISA STIGs, Audit Tools, Forescout, ESS

Perform assessments of system and network and identifies where the system/network deviate from acceptable configurations, DoD policy, or local policy/guidelines

Secret Security Clearance

Company

Sumaria Systems, LLC

Sumaria Systems, LLC is a Full Lifecycle Engineering, Technical Services, and Professional Solutions company with over four decades of experience supporting the Warfighter through modernization and high-end services, delivering next generation capabilities for contested domains.

Founded in 1982

Danvers, Massachusetts, USA

201-500 employees