Information Security Specialist [17015] at ATR Arena Technical Resources

Job Title: Information Security Specialist III 

Job Location: Fort Cavazos, TX, 76543 

Security Clearance: 

Must be a U.S. Citizen. A high-level Department of Defense active Secret
security clearance is required. Applicants selected will be subject to a
security investigation and may need to meet eligibility requirements for
access to government information. 

Job Summary:

B Technology, LLC has an immediate opening for an Information Security
Specialist to join our rapidly growing team. B Technology, LLC is
looking for an enthusiastic, well-qualified individual to fill the
Information Security Specialist III position and to join our team of
qualified, diverse individuals. 

The Information Security Specialist Performs under general direction and
uses current information security technology disciplines and practices
to ensure the confidentiality, integrity and availability of Government
information assets in accordance with established standards and
procedures. Develops and maintains knowledgebase on changing regulatory,
threat, and technology landscapes to continually develop or maintain
security policies and standards, and ensures compliance throughout the
organization; Provides Risk Management Framework, circuit/system
accreditation and certification policy services; Participates in the
development or modification of the computer environment IA security
program plans and requirements; Develops procedures to ensure system
users are aware of their IA responsibilities before granting access to
DoD information systems; Recognizes possible security violations and
takes appropriate action to report the incident, as required; Ensures IA
security requirements are appropriately identified in computer
environment operation procedures; and collects and maintains data needed
to meet system IA reporting requirements. 

 

Job Requirements: 

- Responsibilities: (Not listed in order of importance; other
duties may be assigned) and must be able to perform the following with
minimal guidance: 

- Provide oversight for the Computer Network Defense-Service
Provider (CNDSP) 

- Work with system owners to close IAVMs/ICVMs and open Plan of
Action and Milestones (POA&Ms) in a rapid fashion, in accordance with
DoD instructions/directives. Review all POA&MS with the Program Manager
on at least a quarterly basis and update the POA&Ms accordingly. 

- Provide Defense in Depth principles and technology in security
engineering designs and implementation 

- Analyze existing and future systems, reviewing security
architectures, and developing engineering solutions that integrate
information security requirements to proactively manage information
protection 

- Apply security risk assessment methodology to system
development, including assessing and auditing network penetration
testing, antivirus deployment, risk analysis 

- Conduct Computer Incident Response Team (CIRT) activities,
including forensic analysis 

- Engineer and deploy network defense countermeasures such as
anti-virus, anti-spam, and intrusion detection and prevention system
solutions 

- Analyze IA security events, including threat model development
and resulting security risk analysis of systems 

- Review and assess information security events and logs via
sophisticated security information/event manager 

- Plan, implement, and manage a Defense In Depth for the total
network and/or enclaves within the network to include such items as:
scanning, remediation, host and network intrusion detection/prevention,
firewalls, proxy servers, web cache, virus programs, vulnerability
scanning, content filtering, remote dial in protection, Host Based
Security Services, Directory Services, and Certification and
Accreditation, DoD Instruction 5200.40, accreditation guidance and
advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond,
investigate, and report undisclosed classified incident remediation.  

- Assess and mitigate system security threats/risks throughout
the program life cycle 

- Validate system security requirements definition and analysis
and review/approve System Security Plans for enterprise-wide
architectures 

- Maintain Agency public key infrastructure system Implement
security designs in hardware, software, data and procedures 

- Provide support for the Department of Defense (DoD) Public Key
Infrastructure (PKI) service. 

- Responsible for requesting, receiving, installation, and
accountability of system (server) PKI certificates and providing
technical support for PKI.  

- Provide Certification and Accreditation, as well as provide
Automated Information System Accreditation support  

- Provide Security Risk Assessment. Perform risk analysis of
resources, controls, vulnerabilities, impact of losing systems’
capabilities and threats to the mission objective; provide analysis to
facilitate decisions to implement security countermeasures or mitigate
risk; implement countermeasures; periodically review program. Recognize
possible threats and review evaluations for compliance and
non-compliance.  

- Proficiency in typing and reading from a computer screen for
job tasks. 

- Demonstrated mobility skills, including bending, reaching, and
kneeling to perform duties efficiently. 

- Capability to lift weights up to thirty (30) pounds as
needed. 

- Possession of a valid driver’s license. 

- Maintenance of a clean driving record. 

- Occasional use of company vehicle while on the work site. 

- Other duties as required 

Education / Certifications: 

- Bachelor’s Degree in Computer Science, Cybersecurity, Computer
Engineering, or related discipline 

- 3+ years of experience performing Information Assurance functions and
using RMF IT security controls and policies 

- Must possess and maintain an IT-I level certification IAW AR 25-2 and
IAT-II/IAM-II certifications IAW DoD 8570.01-M 

- Secret Clearance 

 

Knowledge:  

- Proficiency in information security technology disciplines and
practices to ensure the confidentiality, integrity, and availability of
Government information assets. 

- In-depth understanding of regulatory, threat, and technology
landscapes to develop and maintain security policies, standards, and
procedures. 

- Experience in providing Risk Management Framework, circuit/system
accreditation, and certification policy services. 

- Knowledge of Defense in Depth principles and technology in security
engineering designs and implementation, including analyzing existing and
future systems, reviewing security architectures, and developing
engineering solutions. 

 

Abilities:  

- Ability to organize, prioritize and meet deadlines 

- Ability to sit or stand for extended periods of time as necessary for
work. 

- Capable of conveying complex information in a simplistic manner 

- Strong critical thinking and problem-solving skills 

- Strong self-starter requiring minimal supervision 

- Able to take proactive measures to prevent problems rather than
reactive by nature 

- Strong verbal and written communication to effectively express
concepts, plans, and proposals 

Arena Technical Resources, LLC, (ATR) is an Equal Opportunity Employer
(EOE) who will provide equal employment opportunity to employees and
applicants for employment without regard to race, ethnicity, religion,
color, sex, pregnancy, national origin, age, veteran status, ancestry,
sexual orientation, gender identity or expression, marital status,
family structure, genetic information, or mental or physical disability.