Clearance Required: Top Secret, SCI with Polygraph
PCI has opportunities on an exciting new program. The scope of the program relates to IT capabilities to include services, applications, and analytic and data management tools. This also includes the associated management, security and infrastructure. The scope of this work includes the cloud migration and security services functional work areas.
Cloud Migration Support
Cloud migration services establish requirements for the migration of data, infrastructure, and applications into the IC ITE cloud environment.
Cloud migration support provides expertise in planning and implementing the migration of mission algorithms, applications and tools for the IC ITE cloud environment.
Security Services Support
Security services establish requirements for cybersecurity, information assurance services, and security management.
Cybersecurity and information assurance services include a wide range of technical, functional and managerial services necessary to ensure the secure operations of systems. Security management support includes developing security management strategies and defining and implementing established security management processes.
- Board certified in relevant security programs (e.g. CISSP, CISM, CISA, CEH, NCSF, CAP, etc.)
- Applies experience with compliance and vulnerability scanning tools ( XACTA, RedSeal, Nessus, Splunk, McAfee, ePO, and/or other vulnerability scanners)
- Applies experience with RMF, CNSSI 1253, NIST SP 800-53, and NISPOM
- Applies experience with Security Technical Implementation Guides (STIGs) and Security Content Automation Protocol (SCAP) Compliance Checker (SCC)
- Applies knowledge of Information Assurance Vulnerability Alerts (IAVAs)
- Research, develop, test and review an organization’s information security in order to protect information from unauthorized access
- Inform users about security measures, explain potential threats, install software, implement security measures and monitor networks
- Responsible for gathering information necessary to maintain and establish functioning exterior barriers, such as firewalls and other security measures
- Define, create, and maintain documentation for assessment and authorization of each information system in accordance with Government requirements
- Assess impacts of system modifications and technological advances
- Review systems in order to identify potential security weaknesses, recommend improvements to amend vulnerabilities, implement changes, and document upgrades
- Use analytical skills to troubleshoot and prioritize needs, requirements, and other issues
- Establish and enforce security policies to protect the organization’s infrastructure, networks, and data
- Evaluate the effectiveness of existing security measures, such as firewalls, password policies, and intrusion detection systems
- Minimize risk of damage from security breaches by putting business continuity or disaster recovery plans in place