Job ID 2020-4819
Job Locations
US-Remote
Category
IT: Information Assurance / Quality / Cyber Security
Type
Regular Full-Time

Overview

NCI is a leading provider of enterprise solutions and services to U.S. defense, intelligence, health and civilian government agencies. NCI's AI solution, Shai(tm), scales humans with artificial intelligence by empowering the workforce to meet their mission by using best in class AI solutions coupled with our exceptional service offerings. Working with strategic partners, NCI is committed to bringing commercial innovation to missions of national importance. NCI is a mid-tier systems integrator headquartered in Reston, VA, and operates at locations across the globe.

 

NCI has been designated a 2020 Military Friendly Employer by MilitaryFriendly.com  

 

Responsibilities

NCI: As the Enterprise IT as a Service (EITaaS) Information Systems Security Officer (ISSO) you will support the future of the Army’s enterprise IT services. As the Army drives towards its 2028 Modernization Strategy and postures to the era of great power competition put forth in the National Defense Strategy, we must operate and defend our networks ruthlessly. The Army’s communications network is the foundational weapons platform for the entire force. All Army operations depend on timely, reliable delivery and transmission of data. The Army is moving towards rapid and reliable Army Enterprise support and offerings. EITaaS is commercial delivery and management of protected IT services from the enterprise to the point of need (user) on the Department of Defense Information Network-Army (DODIN-A). Provides connect, protect, storage, computing, common IT services, hardware, software, and networking infrastructure.

 

Information Systems Security Officer (ISSO).  Oversees the security posture for one or more system(s) throughout the entire lifecycle; provides continuous monitoring through scheduled audits, controls testing, and audit reviews, and escalates issues as needed. Oversees the implementation of information technology (IT) security controls and security authorization documents; and ensures the system is compliant with mandated security policies and requirements. Provides technical recommendations for all Risk Assessments and Vulnerability Assessments conducted for the system or site. Provides security analysis of IT activities to ensure that appropriate security measures are in place and being enforced. Coordinates penetration testing or other 'red team' activities that might occur at/or traverse the systems infrastructure as part of a Security Control Assessment (SCA). Promotes IT security awareness information to the user community by validating the user community is completing their annual training. Oversees and maintains regulatory requirements and participates on the Change Control Board (CCB) by reviewing changes for security implications and security applications.

Specific Tasks

 

  • Apply security policies to applications that interface with one another, to meet security objectives of the system
  • Apply service-oriented security architecture principles to meet organization's confidentiality, integrity, and availability
  • Ensure all systems security operations and maintenance (O&M) activities are properly documented and updated in the Risk Management Framework (RMF) package
  • Ensure that the execution of cybersecurity vulnerability scans and application of security patches as required
  • Implement specific cybersecurity countermeasures
  • Integrate automated capabilities for updating or patching system software where practical and develop processes and procedures for manual updating and patching of system
  • Plan and recommend cybersecurity modifications
  • Provide cybersecurity guidance to leadership
  • Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials)
  • Identify and assess the effectiveness of security controls
  • Assess all the configuration management (change configuration/release management) processes [T0344]
  • Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements
  • Analyze and report organizational security posture trends
  • Ensure the execution of disaster recovery and continuity of operations
  • Verify minimum security requirements are in place for all applications
  • Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities and work with stakeholders to resolve computer security incidents and vulnerability compliance

Qualifications

MINIMUM REQUIREMENTS:

  • Clearance: Secret
  • Information Assurance Certification: IAT II (CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND, SSCP)
  • Computing Environment Certification: PMP, ITIL Foundations or equivalent.
  • Education: BA 10 - 15 years’ experience

 

PREFERRED EDUCATION AND EXPERIENCE:

 

  • ITIL intermediate certifications

 

PHYSICAL REQUIREMENTS:

 

This position requires the ability to perform the below essential functions:

  • Sitting for long periods
  • Standing for long periods
  • Ambulate throughout an office
  • Ambulate between several buildings
  • Stoop, kneel, crouch, or crawl as required
  • Travel by land or air transportation 25%

It is the policy of NCI to provide equal opportunity in recruiting, hiring, training, and promoting individuals in all job categories without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, gender identity, or any other protected class or category as may be defined by federal, state, or local laws or regulations. In addition, we affirm that all compensation, benefits, company-sponsored training, educational assistance, social, and recreational programs are administered without regard to race, color, religion, national origin, gender, age, disability, genetic information, veteran status, sexual orientation, or gender identity. It is our firm intent to support equal employment opportunity and affirmative action in keeping with applicable federal, state, and local laws and regulationsNCI is a VEVRAA Federal Contractor.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.