IA & SS Journeyman - Continuous Learning Opportunities

Location: Washington DC

Job Description:

Duties:

a. As part of the OCFO technology team, the Security Specialist (Infrastructure Group) will be maintaining and monitoring day to day operation of the OCFO IT infrastructure ' Security.

b. The IT Consultant will help and performs, monitoring, maintenance, and security IT infrastructure (physical, virtual and cloud).

c. IT consultant will perform OS, security and application upgrades of servers and network to keep them up to date.

d. IT consultant will develop, implements, maintains and enforces documented standards and procedures for the design, development, installation, modification, and documentation of assigned systems.

e. IT consultant will plan, coordinates, and monitors project activities for OCFO Infrastructure group and duties as assigned.

f. Log analysis of Firewall, AD, Switches and other deployed security products Knowledge of vulnerability assessment tools to identify and mitigate issues.

g. Research, analyze, and patch required systems to comply with OCFO compliance mandates.

h. Respond to escalation calls from the Help desk, Desktop support, and other teams to debug and resolve security and perform maintenance.

i. Understands security troubleshooting processes and cooperates with another team.

j. Assists Service Desk technicians as needed with Tier I and Tier II troubleshooting and patching of desktop systems, software (MS Office, Java, Adobe), printer issues, and server related issues as needed. Provides trouble-shooting assistance on production and non-production supported systems.

k. May recommend methods and techniques for obtaining solutions. l. Initiates preventive maintenance for the technical system.

Responsibilities:

a. Determines enterprise information assurance and security standards.

b. Develops and implements information assurance/security standards and

procedures.

c. Coordinates, develops, and evaluates security programs for an

organization. Recommends information assurance/security solutions to

support customers' requirements.

d. Identifies, reports, and resolves security violations.

e. Establishes and satisfies information assurance and security

requirements based upon the analysis of user, policy, regulatory, and

resource demands.

f. Supports customers at the highest levels in the development and

implementation of doctrine and policies.

g. Applies know-how to government and commercial common user

systems, as well as to dedicated special purpose systems requiring

specialized security features and procedures.

h. Performs analysis, design, and development of security features for

system architectures.

i. Analyzes and defines security requirements for computer systems which

may include mainframes, workstations, and personal computers.

j. Designs, develops, engineers, and implements solutions that meet

security requirements.

k. Provides integration and implementation of the computer system

security solution.

l. Analyzes general information assurance-related technical problems and

provides basic engineering and technical support in solving these

problems.

m. Performs vulnerability/risk analyses of computer systems and

applications during all phases of the system development life cycle.

n. Ensures that all information systems are functional and secure

Qualifications:

a. 6-10 years of experience developing, maintaining, and

recommending enhancements to IS policies/requirements (Required)

b. 6-10 years of experience performing vulnerability/risk analyses of

computer systems/apps (Required)

c. 6-10 years of experience identifying, reporting, and resolving

security violations (Required)

d. Patching Server 2008 / 2012 /2016 (Required)

e. Patching Desktop Windows 10 / 7 (Required)

f. Firewall management CISCO NGFW (Required)

g. Vulnerability assessment tools Nessus, Tripwire (Desired)

h. VMware 5.5 / 6.0 (Required)

i. Production support (Required)

j. Server and Desktop troubleshooting (Required)

k. NIST 800-53 experience (Desired)

l. Splunk (Desired)

m. Cloud experience (MS Azure) (Desired)

Education:

a. Bachelor's Degree in IT or related field or equivalent experience

(Required)

b. Security+, CISSP, other security certifications (Preferred)