Address
Form of workJob Title: Information Security Lead
Job Location: Ft Huachuca, AZ
Security Clearance: Active, in-scope US Government issued: TS/SCI w/ Eligibility
Requisition Type: Proposal
Due to the nature of the work and US Government required, US Citizenship is required.
Trace Systems is seeking a cleared Information Security Lead to supervise and manage a team of subject matter experts in the design, configuration, implementation, operational management, and troubleshooting of Enterprise Information Security on-site at Fort Huachuca, AZ.
Duties and responsibilities to include but not limited to the following:
- Provide enterprise compliance analysis, compliance assessments of network and system devices, network and system applications, and network and system operating systems.
- Conduct Change, Configuration, Release Management (CCRM) activities on a recurring basis to coincide with software/firmware releases and downloads: daily, weekly, monthly, and quarterly..
- Identify and configure security remediation measures consistent with Security Technical Implementation Guides (STIG) / Security Requirements Guide (SRG), Information Assurance (IA) Vulnerability Management (IAVM), test to validate, and update within all system documentation and Plan of Action and Milestones (POA&M).
- Manage and maintain a valid, current Enterprise Mission Assurance Support Service (eMASS) record for each system, capability, service, or pilot identified by the Government as emerging requirements..
- Complete and upload into eMASS vulnerability scans using Assured Compliance Assessment Solution (ACAS), and compliance scans (SCAP) on a monthly basis to support Risk Management Framework (RMF).
- Support RMF activities for all systems, capabilities, services, network devices, and emerging capabilities operating on the Department of Defense (DoD) Information Network (DoDIN) and their replacement or follow-on systems/capabilities.
- Utilize the RMF Knowledge Service, policy, and guidance in the accomplishment of all RMF tasks.
- Assess and report upcoming Endpoint Security Solutions (ESS) changes that might impact overall network or enterprise systems for input into the Army ESS (AESS) Change Control Board chaired by ARCYBER and NETCOM.
- Provide technical/security reviews to DoD PPSM exemptions, vulnerability assessments, and participate in the monthly DoD PPSM representatives meeting.
- Support Information Assurance Vulnerability Management (IAVM) and Internet Protocol Network Scanning (IPNS) / Internet Protocol Vulnerability Assessment Tool (IPVAT /Assured Compliance Assessment Solution® (ACAS) for enterprise vulnerability scanning capability for Army and DoD networks and components.
- Maintain and manage the Public Key Infrastructure (PKI) and Technical Cryptographic Modernization (or their replacement or follow-on systems/capabilities).
- Support Common Access Card (CAC) / PKI Registration Authority (RA) / Local RA (LRA) activities at both CONUS and OCONUS locations.
- Support the Directory and Identity Synchronization Service (DISS), the Army’s Identity Credential Access Management capability.
- Participate in the JFHQ-DoDIN Master Cyber Tasking Order and Cyber Tasking Order process.
- Support DoDIN-A Proactive Sensor Management.
- Support 802.1x, Network access control (NAC), and Comply to Connect (C2C) frameworks.
- Support Privileged Access Workstation (PAW).
- Support and manage Security Information Management System (SIMS) / Security Information and Event Management (SIEM).
- Five (5) years of deep knowledge and hands on experience with the following systems concepts and technologies:
- Leading large teams (100+) of multidisciplined IT subject matter experts (SME).
- US Army and DoD regulations regarding Authority to Operate (ATO) activities to include RMF, eMASS, and POA&M.
- AESS and Army Continuous Endpoint Monitoring (ACEM).
- Ports, Protocols, and Services (PPS) Management (PPSM).
- Applications and technology comprising ACAS.
- Active Directory and Directory Services.
- Intermediate network management.
- IA, STIG, SCAP benchmarks, and ACAS.AUDIT compliance audit scanning for hardware and software on the DoDIN.
- DoD Common Access Card (CAC) PIN reset program and workstations.
- CAC/PKI technologies, CAC enabled Active Directory domains, and virtualization technology.
- Army PKI and Joint Informational Environment PKI efforts.
- Active Directory, ActivClient, Hardware Security Module, OCSP, and Certificate Authority and smart card enablement.
- DoDIN-A architecture and operations.
- 802.1x, NAC, and C2C services.
- ArcSight Enterprise Security Manager, ArcSight Database, ArcSight Consoles, and ArcSight Connectors.
- CISCO Networking, Red Hat RHEL 7.9 or 8.4 or greater, Confluent Kafka, Apache® Zookeeper, Elastic Enterprise.
- Knowledge of the following concepts and technologies:
- Network infrastructure, technologies, security, troubleshooting, and tools.
- Windows Desktop, Windows Server, or RedHat Linux
- Virtualization technologies and software, such as VMWare or Hyper-V.
- Cloud technologies, such as Intune, Azure, and Amazon Cloud Services.
- Microsoft Office tools, including Word, Excel, and PowerPoint.
- ITIL processes such as Change, Release, and Configuration Management.
- IAT Level II certification (Security+CE, CCNA Security, SSCP, etc.)
- Current ITIL V4 Foundations or higher.
- An active, in-scope US Government issued Top Secret clearance with SCI eligibility.
- Due to the nature of the work and contract requirements, US Citizenship is required.
- High School Degree or Equivalent
Trace Systems Inc. was founded to support and defend our nation's security interests at home and abroad–– whenever and wherever. We provide enterprise IT, engineering, full life-cycle communications, cybersecurity, cloud and virtualization services and solutions to the United States Department of Defense and other federal agencies.
To Apply: We invite you to put your talents to work by joining a growing team of dynamic professionals here at Trace Systems! Be part of a culture at our leading-edge company where you can achieve great things while fostering a satisfying and rewarding career progression. To learn more about our current openings, text ‘tracejobs’ to 97211 or apply directly through our website at: www.tracesystems.com. #jointracesystems
Trace Systems is an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, disability, veteran status, national origin, sexual orientation, gender identity, pregnancy, genetic information, or any other characteristic protected by law.
