- Must have 5 – 7 years’ experience maintaining security posture in Enterprise Mission Assurance Support System (eMASS).
- Support Certification & Accreditation (C&A) efforts and develop document artifacts for Risk Management Framework (RMF) security authorization packages, such as system architecture and boundaries, hardware and software inventories, risk assessment reports, Plan Of Action & Milestones (POAMS), data flows, Continuity of Operations (COOP), Ports Protocols System Management (PPSM) accounting, and other necessary system, network, and application documentation.
- Perform vulnerability scans. Report status and changes, or by event, depending on severity and urgency.
- Maintain and update the government-owned and licensed application with its related applications to achieve IT support of business requirements in accordance with Army and DOD standards.
- Conduct cyber security testing, train users, and deploy the software in accordance with Army and DOD standards.
- Ensure the Security of Local Area Network (LAN) Infrastructure and meet all US Army regulations for operations.
- Secure the LAN Infrastructure according to the requirements outlined in DoD 8500.2 and the AR 25-2.
- Ensure all systems are compliant with the security standards set by DoD 8500.1 and AR 25-2.
- Conduct scanning of all servers with the required Defense Information Systems Agency (DISA) Cyber Security compliant cyber security scanning software according to the bimonthly release dates and analyze results. Produce bimonthly report of scan results.
- Identify and report all patches required to secure the system for upload to the appropriately affected servers Document all vulnerabilities indicated by the scans in a Plan of Action and Milestones (POAM).
- Acquire and maintain the accreditation of the Cloud and LAN according to the guidance provided by DISA, ARMY NETCOM, Joint Service Provider (JSP) and the Cloud Information System Security Provider (CISSP) SLA for compliance with the accreditation process to maintain Network Authority to Operate (ATO).
- Follow DOD Security Technical Implementation Guides (STIG) and ensure the proper application of corrective actions are completed. Maintain a log within eMASS of STIGs and corrective actions (POA&Ms).
- Ensure all systems are configured with the standards as set in the DISA STIGs.
- Document in eMASS the results of all findings that are not in compliance within the POAM.
- Document all known vulnerabilities. Maintain vulnerability report in eMASS.
- Complete and maintain a mitigation Strategy Checklist. Report monthly.
- Develop and maintain mitigation strategy to resolve findings for all Category I, II and III vulnerabilities.
- Update Tenant Security Plan (TSP) to report network changes annually. Update the TSP in accordance with Federal, DoD and/or Army guidelines, regulations, policies, and requirements.
- Perform Tabletop/life IT-Disaster Recovery Plan/IT-COOP testing quarterly.
- Maintain Cyber Security and System Vulnerability Compliance in accordance with US Army Network Command (NETCOM), US Army and Customer policies. Provide status in monthly report, or by event.
- Support and maintain the infrastructure to meet availability and performance requirements – system requirement is for a 98% operational readiness rating during a 40-hour work week.
- Keep Online application accessibility at 98% during a 40-hour work week.
Desired certifications – CCNA, Security Cyber Security Architect+ (SCSA, formally listed as CSA+) GIAC Security Engineer Certification (GSEC), Security+ CE, Systems Security Certified Practitioner (SSCP)
Bravura is a rapidly growing Woman Owned Small Business (WOSB) that provides professional and engineering services, technology solutions and product offerings to DoD, Federal Civilian agencies. Bravura is an Equal Opportunity Employer. Bravura does not discriminate against employees or applicants for employment on any legally recognized basis (protected class) including, but not limited to: veteran status, uniform service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other protected class under federal, state, or local law. These are positions that require a U.S. Citizenship.