SECURITY ENGINEER

Job Summary:  Job duties are focused on support of the continuous phase monitoring or post accreditation phase support for NOAA's Office of Marine Aviation's Marine Operations Centers in Norfolk, VA. Specific duties include:  1) Research and document the potential threats that could exploit MOC Ship and Office Support information system flaws or weaknesses documented in a risk assessment. Threat identification process will be consistent with the FIPS 199 security category of the information system. 2) Confirm and document system vulnerabilities that could be exploited by potential threat sources in the system security plan, risk assessment, or an equivalent document. The process of identifying vulnerabilities includes an analysis of the system security controls employed to protect the system. The identification of vulnerabilities can be accomplished in a variety of ways using questionnaires, on-site interviews, document reviews, and automated scanning tools. All potential sources to identify vulnerability sources will be exploited that will include system information and data from the outside that identifies new vulnerabilities and methodologies to reduce the risk and/or to eliminate the vulnerabilities altogether 3) Utilize established configuration management and control procedures, document proposed or actual changes to the information system (including hardware, software, firmware, and surrounding environment). 4) Analyze the proposed or actual changes to the information system (including hardware, software, firmware, and surrounding environment) to determine the security impact of such changes. Conducting a security impact analysis is part of the ongoing assessment of risk within the agency 5) Provide documented input for the update of the system security plan based on the documented changes to the information system (including hardware, software, firmware, and surrounding environment) and the results of the continuous monitoring process. 6) Provide IT security input and recommendations that will assist in rectifying noted items in the plan of action and milestones (POA&M). Complete POA&M tasks assigned by the COTR. Duties include reporting progress made on the current outstanding items listed in the plan, addressing vulnerabilities in the information system discovered during the security impact analysis or security control monitoring; and describing how the information system owner intends to address those vulnerabilities (i.e., reduce, eliminate, or accept the identified vulnerabilities). 7) Provide training for IT administrators and other staff to keep them up to date with threat environment and security processes and procedures  Education: Bachelor’s degree in Computer Science degree or related fields. Requirements:  * At least five years experience supporting the creditation and certification process.Candidate should also be familiar with Microsoft Operating environment (domain controllers, file servers, and application servers), MS applications, CISCO networking hardware and software, and MS Active Directory to the extent that all of the above activities can be performed with an adequate technology knowledge base   To view a complete job description and apply click here:  https://careers.rsis.com/recruiter/cc/CCJobDetailAction.ss?command=CCViewDetail&ccid=bupJEdUjsTs%3D&job_REQUISITION_NUMBER=12840  If you are interested please send an email to anh.nguyen@wyle.com with your desired salary range.  Our Sr. Recruiter will then contact you regarding this opportunity.   View our outstanding benefits at:   http://www.rsis.com/rsis-corporate/RSIS/RSIS-Careers/Outstanding-Benefits.cfm Wyle Information Systems Group offers a competitive salary, training reimbursement, education reimbursement, and a comprehensive benefits package. Wyle is proud to be an equal opportunity employer. We pledge equal access to employment, facilities, and programs, regardless of race, color, creed, religion, sex, age, disability, national origin, veteran or marital status.  Company: Wyle Information Systems, LLC Location: Norfold, VA Status: Full Time, Employee Job Category: Engineering Career Level: Experienced (Non-Manager) Industry: Engineering Services Occupations: General/Other: Engineering Industry: Engineering Services Email: Apply by Email Reference Code: 12840