Eagle Ray, Inc.

Returning Candidate?

Insider Threat (SAFe) Information Systems Security

Insider Threat (SAFe) Information Systems Security

ID 
2017-2388
Job Location 
US-MO-Saint Louis
Security Clearance 
TS/SCI/poly

More information about this job

Overview

We’re looking for Eagle Ray people.  Eagle Ray is a rapidly growing, woman owned business specializing in strategic transformation services. We deliver complex professional services across the IC, DoD and DHS.  With Eagle Ray’s help, our clients reduce cost and program risk, enhance operational performance and drive the development of new capabilities to end users in the National Security Enterprise.  We offer an engaging corporate culture, a dynamic work environment and competitive total compensation.
 
Insight. Impact. Innovation.  Eagle Ray people are hands-on, results-oriented, and invested in the success of our customers’ missions.  Come work with us, you can really make a difference!

 

Insider Threat Engineering Specialists implement NGA’s Scaled Agile Framework for the Enterprise (SAFe) to develop, integrate, operate, and sustain specialized Insider Threat Office Information Technology (IT) in accordance to Executive Order (E.O.) 13587, the White House Memorandum on National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs and the National Insider Threat Task Force (NITTF) Guide. They develop, implement, and ensure compliance with plans, policies, standards, infrastructures, and architectures that establish the framework for the management of all Insider Threat Program IT.  They analyze, plan, design, document, assess, and manage the IT enterprise structural framework to align IT systems with the mission, goals, and business processes of the organization.  They consult with customers to refine functional requirements and translate functional requirements into technical specifications that implement new and improved information systems to meet the business requirements of the Insider Threat Program.  They translate technical specifications into programming specifications; develop, customize, or acquire applications software programs; test, debug, and maintain software programs.  They test, install, configure, and maintain networks including hardware (servers, hubs, bridges, switches, and routers) and software that permits the sharing and transmission of information.  They develop and administer databases used to store and retrieve data and develop standards for the handling of information.  They install, configure, troubleshoot, and maintain hardware and software to ensure the availability and functionality of systems. They ensure the confidentiality, integrity, and availability of systems, networks, and data through analysis, planning, development, implementation, maintenance, and enhancement of information systems security, policies, procedures, and tools. 

Responsibilities

  • Information Systems Security  will enhance insider threat information systems security, policies, procedures, and tools to ensure the confidentiality, integrity, and availability of systems, networks, and data.

Qualifications

Required:

 

  • TS/SCI 
  • Bachelors degree or equivalent experience in related field.
  • 11- 14 yrs.
  • Develop and present weekly information system security briefings. Recommend cost effective solutions to mitigate risks within the Insider Threat IT baseline and propose recommendations for improving the information security processes/procedures.
  • Provide guidance, assistance, and coordination to systems developers, systems administrators, and other IT specialists to ensure verified and timely implementation of IT security standards for systems both under development and already deployed.
  • Document, manage, and control the integrity of changes to all systems security documentation, including standard operating procedures and user guides that provide detailed instructions for implementing IT systems security policies.
  • Assist in the selection of minimum security controls to establish a baseline of measures to prevent security breaches of the information system, document the selected security controls in the security plan and initial Risk Assessment Report (RAR), and, document an approved continuous monitoring strategy. 
  • Document the security control implementation, as appropriate, in the security plan, providing a functional description of the control implementation.
  • During each program increment conduct security testing and verify which security controls are implemented correctly, operating as intended, and producing the desired outcome in meeting security requirements.
  • During each program increment conduct remedial actions on security controls based on the findings and recommendations of the Security Assessment Report and reassess remediated control(s), as appropriate. 
  • Perform daily vulnerability scans and ensure the accountable parties have responded appropriately to vulnerability findings, troubleshoot security threats and vulnerabilities in response to incident reports, and identify/isolate problem sources; and recommend solutions or corrective actions.
  • Monitor and analyze systems logs daily to identify systems security trends and assess the security effectiveness of installed systems based on analysis of reported security problems.

 

Desired:

 

  • Have experience providing information system security services for Insider Threat network, system, software, database systems, and/or data warehouse implementations.
  • Scaled Agile Framework for the Enterprise certification. 

 

Equal Opportunity Employer/M/F/Disability/Vet/Sexual Orientation/Gender Identity