Position Title: Information Assurance Engineer III -4096
Job Location: Austin, TX 78701
Galapagos Federal Systems LLC is looking for an enthusiastic, well-qualified individual to fill the Information Assurance Engineer III position and to join our team of qualified, diverse individuals.
The primary responsibility of this position is to applies IT security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and processed information; plans, implements, and manages a Defense In Depth for the total network and/or enclaves within the network; identifies and analyzes threats and vulnerabilities to the information systems to maintain protection, accomplish risk analysis, security testing, and certification due to modifications or changes, completes computer security plans, and enforces mandatory access control techniques; manages a network security program, reporting all incidents promptly and providing corrective action to prevent further incidents; implements guidance to ensure the protection of Internet information, reduces the risks associated with automated processing of information and data, and trains all personnel in IT security awareness, as required.
The top candidate will promote a positive public image and have excellent customer service skills; project a positive image and professional manner at all times; ability to work within the confines of a set time schedule.
Skills / Experience Required
- Work with system owners to close IAVMs/ICVMs and open Plan of Action and Milestones (POA&Ms) in a rapid fashion, in accordance with DoD instructions/directives
- Review all POA&MS with the Program Manager on at least a quarterly basis and update the POA&Ms accordingly
- Provide Defense in Depth principles and technology in security engineering designs and implementation
- Analyze existing and future systems, reviewing security architectures, and developing engineering solutions that integrate information security requirements to proactively manage information protection
- Apply security risk assessment methodology to system development, including assessing and auditing network penetration testing, antivirus deployment, risk analysis
- Conduct Computer Incident Response Team (CIRT) activities, including forensic analysis
- Plan, implement, and manage a Defense In Depth for the total network and/or enclaves within the network to include such items as: scanning, remediation, host and network intrusion detection/prevention, firewalls, proxy servers, web cache, virus programs, vulnerability scanning, content filtering, remote dial in protection, Host Based Security Services, Directory Services, and Certification and Accreditation, DoD Instruction 5200.40, accreditation guidance and advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond, investigate, and report undisclosed classified incident remediation
- Assess and mitigate system security threats/risks throughout the program life cycle
- Validate system security requirements definition and analysis and review/approve System Security Plans for enterprise-wide architectures
- Maintain agency public key infrastructure system implement security designs in hardware, software, data, and procedures
- Provide support for the Department of Defense (DoD) Public Key Infrastructure (PKI) service
- The candidate will be responsible for requesting, receiving, installation, and accountability of system (server) PKI certificates and providing technical support for PKI
- Provide communications security (COMSEC) rekeying support within normal business hours or on-call, as required and be able to prepare and maintain secure communications devices and crypto keys
- Provide Certification and Accreditation, as well as Automated Information System Accreditation support
- Provide Security Risk Assessments and perform risk analysis of resources, controls, vulnerabilities, impact of losing systems’ capabilities and threats to the mission objective; provide analysis to facilitate decisions to implement security countermeasures or mitigate risk; implement countermeasures; periodically review program. Recognize possible threats and review evaluations for compliance and non-compliance
- Have an impressive track record of progressively responsible information assurance experience in one or more of the following information security areas: certification and accreditation, IA system evaluations, system security penetration testing, and IA security operations/network monitoring, Intrusion Detection Systems, Intrusion Prevention Systems, Security Information Management/Security Event Management, network mapping, vulnerability scanners, firewalls, routers, and other security tool
- Have knowledge and experience with securing a virtualized environment (HYPER-V, ESX-I, RedHat Kickstart installation).
- Have knowledge of DoD -Command Cyber Readiness program and be familiar with the Army Risk Management Framework (RMF) governance, documentation, and Service eMASS accreditation tool set
- Have knowledge and experience communicating Cybersecurity concepts to technical and non-technical personnel; ability to develop technical documents and produce system design documentation
Education / Certifications
- Bachelor’s degree in computer science, Cybersecurity, Computer Engineering, or related discipline. Comparable experience in lieu of degree may be considered.
- 3+ years of experience performing Information Assurance functions and using RMF IT security controls and policies
- Must possess and maintain an IT I level certification IAW AR 25-2 and an IAT-II/IAM-II certifications IAW DoD 8570.01-M
Must be a U.S. Citizen. A high-level Department of Defense (DoD) active security clearance may be required. Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to government information.
Work may involve sitting or standing for extended periods of time and typing and reading from a computer screen. Must have enough mobility, including bending, reaching, and kneeling, to complete daily duties in a prompt and efficient manner and may include lifting thirty (30) pounds, as necessary.
Headquartered in Hawaii, Galapagos Federal Systems, LLC is an SBA Certified NHO (Native Hawaiian Organization) 8(a) Small Business specializing in global information technology and offering professional solutions in IT Design & Installation, Cybersecurity Engineering & Support, Application Integration & Development, Software & Hardware Engineering, Network & Systems Management, Information Systems Security, and Business Management Services.
Leveraging over 30 years of providing IT services to the federal & commercial market with projects found around the world, our team has innovative expertise in the development of a wide range of technological solutions. Galapagos Federal Systems, LLC is an equal opportunity employer.
Our service commitment is simple – “Quality IT Solutions… On Time & On Budget.”
Company Employment Statement
Galapagos Federal Systems, LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing as positions, functions, and qualifications may vary depending on business needs. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Galapagos Federal Systems, LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics