Information Systems Security Officer with Security Clearance - Annapolis Junction, MD, United States - Rolling Wave Technologies

    Rolling Wave Technologies
    Rolling Wave Technologies Annapolis Junction, MD, United States

    1 week ago

    Default job background
    Technology / Internet
    Description
    "Roles and Responsibilities:


    • Review Nessus/ACAS scan results and provide direction where required
    • Recognizes potential, successful, and unsuccessful scan results for efficiency in reporting compromises thorough reviews and analyses of relevant event detail and summary information
    • Evaluate systems baseline security state (STE, Health & Status) verified through Xacta and LatteArt source of record systems
    • Review and mitigate liens (POAMS)- continuous assessment
    • Collaborate and develop Splunk use case dashboard reporting for security baseline
    Weekly reporting of system health status


    • 100% Scan compliance validation for systems
    • Maintain 98% asset accountability for in scope systems
    • Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications and operating systems
    Assists with implementation of counter-measures or mitigating controls


    • Conducts regular audits to ensure that systems are being operated securely, and information systems security policies and procedures are being implemented as defined in security plans
    • Develops, tests, and operates firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools
    Safeguards the network against unauthorized infiltration, modification, destruction or disclosure


    • Responds to queries and requests for computer security information and reports
    Conducts investigations of computer security violations and incidents, reporting as necessary to management Roles and Responsibilities (cont.):


    • Researches, evaluates, tests, recommends, communicates and implements new security software or devices
    • Implements, enforces, communicates and develops security policies or plans for data, software applications, hardware, and telecommunications
    • Develops materials for computer security education/awareness programs
    • Provides recommendations to clients on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies
    • Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance
    • Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration or denial of access to information
    • Provides advanced guidance and leadership to less-experienced team members
    • May serve as a team or task leader
    (Not a people manager)


    • Provides information assurance project management, technical security staff oversight, and development of mission-critical technical documents
    • Ensure compliance with regulations and privacy laws"