Job Description
Job Description
H2 Performance Consulting is subject to the Vietnam Era Veteran's Readjustment Assistance Act as a Federal Contractor and is an Equal Opportunity / Affirmative Action Employer and strives to build a diverse workforce.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status or disability status.
Additionally, as mandated under Executive order 12989, H2 is required to verify employment eligibility of selected candidates through the Department of Labor’s - E-Verify.
H2 Performance Consulting (H2) is seeking a Information System Security Specialist III to support the Naval Info Warfare Center Atlantic’s Data Center and Cloud Hosting Services and Enterprise Systems.
The Information System Security Specialist III responsibilities will include :
- Develop, implement, and maintain the organization's cybersecurity policies and procedures.
- Oversee the Risk Management Framework (RMF) process, ensuring compliance with federal and organizational standards.
- Conduct security assessments, vulnerability scans, and STIG (Security Technical Implementation Guide) reviews.
- Manage endpoint security solutions and oversee patch management to ensure systems are up-to-date and protected.
- Collaborate with IT and cybersecurity teams to identify and address security risks and vulnerabilities.
- Monitor and respond to security incidents, providing detailed analysis and reporting.
- Maintain documentation related to security policies, procedures, and compliance activities.
- Ensure continuous improvement of cybersecurity practices and tools.
- Implement DoD security requirements, including the deployment of software patches / updates, BIOS and firmware updates, Computer Tasking Orders (CTO), Information Assurance Vulnerability Alerts (IAVA), Public Key Infrastructure (PKI), Data at Rest (DAR) and encryption.
- Evaluate and / or recommend purchase of computers, peripheral hardware, and software.
- Maintain confidentiality regarding the information being processed, stored, and accessed on the network.
- Establish, maintain, and document host connections to the NHRC network.
- Troubleshoot network access problems and implement network security policies and procedures.
- Ensure network security access and protect against unauthorized access, modification or destruction of network components and stored data.
- Responsible for installing, configuring, managing, troubleshooting and operating server equipment and software to include but not limited to : Cloud compute services, Cisco Unified Computing System (USC) Blade Chassis and servers, HP Servers, Oracle SPARC servers, Cisco UCS Manager, VMware vSphere ESXi, VMware vCenter, Citrix XenApp, Citrix Xen Desktop, Citrix Storefront,Solaris, Solaris Zones and Logical Domains (LDOMS), Red Hat Enterprise Linux (RHEL), Windows, as well as Oracle 11g and up, Real Application Clusters (RAC), and MS Structured Query Language (SQL) Server databases
Qualifications and Education Requirements :
- Clearance : Minimum SECRET clearance
- Education : Bachelor’s degree in a technical or managerial related discipline or High School Diploma or GED. Individual shall meet the latest Cybersecurity workforce certification / training in accordance with DoD 8570.
1M and subsequent DoD 8140 manual as applicable.
- Required Certifications : complete a vendor / platform specific certification such as : Red Hat Certification Program (RHCP) role-based certifications
- At least one (1) of the following : CompTIA Security+ or CompTIA Advanced Security Practitioner (CASP) or Certified Information System Security Professional (CISSP).
- Plus : depending on PWS tasking, individual shall be certified as Information Assurance Management (IAM) or Information Assurance Technical (IAT) or Information Assurance System Architect and Engineer (IASAE) Level II or III (position-based).
- Experience :
- Five (5) years with Bachelor’s degree or seven (7) years with HS / GED of practical experience demonstrating competency in Cybersecurity, Engineering, Test & Evaluation (T&E) or Assessment & Authorization (A&A) / Certification & Accreditation (C&A) related field for Linux based systems.
- Individual shall demonstrate a working knowledge of the Risk Management Framework (RMF) process.
- Individual shall be familiar with security policies & guidance documents to assist with the preparation and maintenance of process artifacts, traceability documents purposed for compliance with Authority to Operate (ATO) requirements.
- The specialist shall be capable of evaluating security solutions to ensure they meet security requirements for processing up to classified information and supervise and / or maintain the operational security posture for an information system or program.
- Individual shall have experience assisting or developing system security policy and ensuring compliance of change management and configuration control processes.
Qualified candidates may submit their resume to the career section of our company website at http : / / www.h2pc.com . All resumes will be reviewed within 5 business days and those candidates we wish to further in the application process will be contacted via email / phone to schedule initial phone screens