As an Information Assurance/Cyber Security Engineer - Subject Matter Expert (GEF Surge Support), you will provide services in support of the U.S. Army Network Enterprise Technology Command (NETCOM). In support of the NETCOM Global Enterprise Fabric (GEF). You will provide operational and technical engineering support for the implementation, testing, integration, interoperability, and sustainment of information technologies support that support the GEF Army/NETCOM Enterprise.
Highlights of responsibilities
- Cultivate and maintain effective working relationships with a variety of stakeholders, including end-users, project managers, engineers and senior staff members.
- Translate subject matter terminology into business terms and recommend alternatives to both senior management and engineering teams.
- Provide Information Assurance solutions and support to the LWN/Army DoDIN and Joint Information Environment (JIE) architecture and UC efforts related to GEF engineering, integration, testing and monitoring.
- Provide Information Assurance support during system configuration, integrations, and stabilization of security mitigations and intrusion control mechanisms at Army Post/Camp/Station.
- Establish and perform engineering trend and traffic analysis.
- Execute Security Technical Implementation Guide (STIG), standardizing security protocols within networks, servers, computers, and logical designs to enhance overall security. Implement, enhance security for software, hardware, physical and logical architectures to further reduce vulnerabilities.
- Assess DoD Information Systems against the RMF security controls (IAW) Department of Defense (DoD) Instructions 8500.01 and 8510.01, NIST SP 800-37, 800-53, and 800-53A, Army Regulation 25-1 and 25‐2, US Army Best Business Practices (BBPs) and applicable NETCOM Tactics, Techniques & Procedures (TTPs).
- Identifies mitigating factors for identified risks and proposes additional mitigation strategies for identified vulnerabilities.
- Evaluate a wide array of IT devices for Security Technical Implementation Guide (STIG) compliance using ACAS/ Nessus, SCAP Compliance Checker, and manual checklist reviews. This includes Windows, Solaris, and Red Hat Linux servers and desktops, routers, switches, firewalls, IDS, etc.
- Submit findings input into the Enterprise Mission Assurance Support Services (eMASS) system or other Army approved tracking database.
- Provide engineering solutions and engineering deployment documentation, such as; Service Design Plans (SDP); System Test Plans (STP); Enterprise Technical Procedures (ETP); Systems Validation Traceability Matrix; Systems Build Guides; Engineering Implementation Plans (EIP); Functional Requirements Document (FRD); draft list of materials (LOM) for acquisition; packaging for deployment; Risk Management Framework (RMF) Security Plan.
- Establish system software and hardware baseline.
- Provide configuration management support.