Provides expert level consultation and technical services on all aspects of Information Security. Manages large-scale programs of national or international scope. Maintains senior affiliations with national and international organizations associated with information security.
Perform vulnerability analysis and management and data analysis for all enterprise and cloud enclaves.
The contractor shall generate vulnerability data. Vulnerability data generation is completed via multiple NGA accepted vulnerability tools(software and hardware) used either remotely or locally on the systems to ensure compliance and to identify security holes, risks, threats and gaps as part of the overarching vulnerability management mission.
Constantly monitor, log, and track all NGA systems for vulnerabilities. Certification and vulnerability data generation shall be run with minimal to zero impact on network and systems performance.
Conduct vulnerability analysis on each Enterprise network monthly for IAVM compliance and produce an IAVM compliance report.
Conduct analysis for network security compliance in accordance with DISA STIGs.
Provide on-site and/or remote testing in support of FISMA and CCRI through certification scans.
Experience in Assured Compliance Assessment Solution (ACAS) desired
EDUCATION & EXPERIENCE:
Typically a bachelor's degree or equivalent and 10 to 12 years related experience. Master's degree or doctorate in field mathematics, telecommunications, electrical engineering, computer engineering, computer science is preferred.
Requires 8570 Level 3 certification is required within 6 months of starting.
Recognized subject matter expert
Manages large projects
Limited oversight from manager
Coaches, reviews and delegates work to lower level technical team members
Problems faced are difficult and often complex
Influences others regarding policies, practices, and procedures
PHYSICAL DEMANDS: Normal demands associated with an office environment. Ability to work on computer for long periods, and communicate with individuals by telephone, email and face to face. Some travel may be required.