Vacancy expired!
Req ID: RQ168296Type of Requisition: RegularClearance Level Must Be Able to Obtain: Top Secret/SCIJob Family: Information SecuritySkills:Computer Security,Information Assurance,Information Security,Remediation,Vulnerability ManagementCertifications:CISSP - ISC2Experience:5 + years of related experienceUS Citizenship Required:YesJob Description:Information Security Analyst, Senior AdvisorOverviewARMA-Global is currently pursuing a qualified candidate to serve as Vulnerability Manager – Information Security Analyst, Senior to support the Design, Development, Engineering, Integration, Testing and Implementation and Sustainment of critical technologies for our customers.Company OverviewARMA-Global is a whole-own subsidiary of General Dynamics Information Technology (GDIT) and is a full services integrator of a wide range of Information Technology-based services for our Government and Commercial market clients. We bring extensive experience in overseeing the design, implementation, execution, and sustainment of both domestic and international programs with emphasis on delivering critical support for no-fail missions to our customers. ARMA-Global prides itself in providing creative solutions to client challenges and bringing talent and expertise that are committed to customer success.LocationMary Esther, FLResponsibilitiesThe Cybersecurity Analyst - Information System Security Manager (ISSM) will ensure cybersecurity compliance in support of multiple programs and Air Force and USSOCOM connected systems. They will be responsible for maintaining and executing functions on the vulnerability management platform, which includes but not limited to ACAS & Source Code scans, STIG Validation in support of DISA, DoD, USSOCOM, and USAF guidelines and proactive vulnerability detection. They will be responsible for composing essential documentation (procedures, compliance and remediation reports, continuous monitoring, etc.), providing analysis and metrics on vulnerabilities, and driving remediation of vulnerabilities throughout the organization. The ideal candidate has a background in Systems Administration or Systems Engineering, has a strong systems security mindset, and is very detailed oriented with strong written and oral communication skills.Knowledge, Skills, and Abilities
5+ Years of Information Security Experience, working with Vulnerability Management tools
Demonstrated knowledge of Systems Administration/Engineering with proficiency in analyzing systems designs with a systems security mindset
Strong knowledge of threats and vulnerabilities associated with cloud and on-premises network security and Computer Network Defense
Demonstrated ability to work effectively in an ambiguous environment
Strong oral and written communications skills
Strong analytical and problem-solving skills and proactive thinking skills
High-level familiarity with Vulnerability Management tools such as ACAS, SCAP, STIG Viewer, Vulnerator and SCCM
High-level familiarity with Cybersecurity tools such as Splunk, OSSEC, Elastic, HBSS, Solarwinds and various network firewalls
Ability to develop Compliance (Credentialed Scans, CVSS10, OS, HBSS, PKI, AV) and Continuous Monitoring (RMF Controls) reporting metrics and dashboards
High-level familiarity with DoD, USAF, USSOCOM, and other Cyber Security Regulatory Compliance bodies
Ability to oversee and/or perform the development, maintenance, and continual improvement of the vulnerability management platform, processes, and technical assessment support
Ability to drive automation of vulnerability management platforms and processes
Demonstrated understanding of infrastructure and cloud vulnerability scanning
Ability to classify and prioritize new vulnerabilities risks based on operating environment
Ability to develop and maintain metrics and reports on vulnerability findings and remediation compliance
Facilitate proactive remediation or mitigation of new vulnerabilities by collecting information from threat and vulnerability feeds, analyzing the impact/applicability to our environment, and communicating applicable vulnerabilities and recommended remediation actions to the impacted teams
Provide technical support to system and technology owners to propose mitigation and remediation solutions
Assist with routine compliance and audit functions to ensure regulatory scanning requirements are satisfied
Document and report on processes and procedures
Provide input to leadership for enhancing the vulnerability management strategy
Stay current on security industry trends, attack techniques, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities
Sense of urgency to address new technologies being deployed: Continuous development of infrastructure and cloud vulnerability expertise to function as subject matter expert in multiple technical or business disciplines
Security Requirements
Must have a SECRET clearance with the ability to obtain an SCI (TS/SCI)
Physical Demands
Lift over 35 LBS
Work Environment
Work environment is administrative office
Education, Certification and Experience Requirements
Bachelor’s Degree in a related discipline, AND 5 years’ experience in related work
9+ years of combined education and experience in related DoD and Commercial industry IT
5 years of the combined education and experience MUST be Cybersecurity related
Required Certifications:
Must have one of the following DoD 8570 IAM III Level certifications: CISSP, CISM, GSLC
Desired Certifications:
AWS Cloud certifications are highly desired
We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 30 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.We connect people with the most impactful client missions, creating an unparalleled work experience that allows them to see their impact every day. We create opportunities for our people to lead and learn simultaneously. From securing our nation’s most sensitive systems, to enabling digital transformation and cloud adoption, our people are the ones who make change real.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.
