Vienna, VA, US
4 days ago
Penetration Tester - Security and Controls Assessor
Job Locations: US-VA-Vienna
Posted Date: 16 hours ago (9/3/2025 4:07 PM)
ID: 2025-10549
# of Openings: 1
Category: Cyber
Clearance: Tier 3 - Secret/ADP II

Company Overview

By Light Professional IT Services LLC readies warfighters and federal agencies with technology and systems engineered to connect, protect, and prepare individuals and teams for whatever comes next. Headquartered in McLean, VA, By Light supports defense, civilian, and commercial IT customers worldwide.

Position Overview

We are hiring an individual who has experience with security (RMF), Linux and Bash, Windows PowerShell scripts, and XML. In addition, the successful candidate will have experience with Tenable .audit files.

Responsibilities

This is a hands-on Risk Management Framework (RMF) technical security assessor/analyst (SCA) position requiring intermediate knowledge of Windows Server 2008/2012/2016, Red Hat Linux, VMware, SQL Server, Oracle, and other administrative and security aspects of workstation and enterprise server technology. Support the security assessment of globally deployed departmental systems through hands-on execution of customer-supplied tools and best-practice techniques, including manual and automated verification scans against defined component baselines.

 

The SCA will assist with determining the security and configuration status of a variety of system components, including system documentation, Linux and Windows operating systems, SQL Server and Oracle databases, system support components, and VMware implementations. There are also occasional “one-off” components requiring development of baseline security configurations, hence technical curiosity and a desire to learn and innovate are beneficial.

 

For Assessment & Authorization purposes, validate the components and configurations of departmental systems deployed both globally and domestically. Identify misconfigurations, non-compliances, and anomalies which are relevant to FISMA assessment practices. Coordinate system assessment and findings to the Security Analyst for inclusion in the Security Assessment Report and participate in findings meetings with relevant system stakeholders.

 

Using the NIST Risk Management Framework and the NIST 800-53 security control catalog, map system and configuration anomalies to specific NIST security controls, along with specific remediation. Write accurate, cogent, and defensible descriptions of security configuration statuses, as well as succinct and defensible suggested remediations.

Required Experience/Qualifications

- Ability to develop and understand custom XML code.
- Tenable .audit file editing experience.
- Ability to write scripts.

 

Preferred Experience/Qualifications

- 2+ years of using the NIST 800-53A RMF to conduct A&A assessments.
- 1+ year of NOC, SOC, operations, data center, configurations management, or similar security-related experience.
- 5+ years of enterprise Linux and Windows Server security configuration familiarity.
- 2+ years of virtual machine environments.
- Ability to develop and understand custom scripts (Linux Bash and Windows PowerShell or equivalent).
- Working knowledge (and hands-on) of various assessment tools that may include Oracle OEM, DBSAT, Tenable Nessus, nmap, and other related tools.
- Prior Department of State experience.
- Ability to discern application and systems dependencies and structure.
- Technical understanding of networking and associated protocols.
- Application security principles and experience.
- Knowledge of cloud migrations/assessments or PKI-DAR (data at rest) or general services support typical of completing RMF-type assessments.
- Bachelor’s degree in Information Technology, Cyber Security, Computer Systems or related field.
- 5+ years of security-related experience or equivalent.
- 3+ years with related MS degree.

Special Requirements/Security Clearance

DoD Secret (Interim) to Start

By Light recognizes that our strength is our people. We support every employee as an individual to build strong teams across the enterprise. Our benefit package includes:

- Medical, Dental & Vision Coverage
- Wellness Program
- 401(k) Matching
- Disability (Short Term & Long Term)
- Employee Assistance Program
- Life Insurance
- Education & Training
- Generous Leave Policy (11 Federal Holidays, PTO, and Military Leave)

By Light is an Equal Opportunity and Affirmative Action Employer. All qualified candidates will receive consideration regardless of gender, race, veteran status, disability, and any other protected class in accordance with federal, state and local laws.
