Information Assurance & Security Specialist - Journeyman

766221 - Q001 - IA & SS - Jrny Hybrid (Onsite & Remote) - 3 days in the office every week. Candidate MUST be local to the DC Metro area.*Only submit local candidates to DMV region**Hybrid position - candidate will be required to be on-site 3x/week in the near future*COMPLETE JOB DESCRIPTION:A. As part of the OCFO technology team, the Security Specialist (Infrastructure Group) will be maintainingand monitoring day to day operation of the OCFO IT infrastructure - Security.B. The IT Consultant will help and perform monitoring, maintenance, and security IT infrastructure (physical,virtual and cloud).C. IT consultant will perform OS, security and application upgrades of servers and network to keep them upto date.D. IT consultant will develop, implement, maintain and enforce documented standards and procedures forthe design, development, installation, modification, and documentation of assigned systems.E. IT consultant will plan, coordinate, and monitor project activities for OCFO Infrastructure group andduties as assigned.F.Log analysis of Firewall, AD, Switches and other deployed security products Knowledge of vulnerabilityassessment tools to identify and mitigate issues.G. Research, analyze, and patch required systems to comply with OCFO compliance mandates.H. Respond to escalation calls from the Help desk, Desktop support, and other teams to debug and resolvesecurity and perform maintenance.I.J.Understands security troubleshooting processes and cooperates with another team.Assists Service Desk technicians as needed with Tier I and Tier II troubleshooting and patching of desktopsystems, software (MS Office, Java, Adobe), printer issues, and server related issues as needed. Providestrouble-shooting assistance on production and non-production supported systems.K. May recommend methods and techniques for obtaining solutions.L.Initiates preventive maintenance for the technical system.Responsibilities...A. Determines enterprise information assurance and security standards.B. Develops and implements information assurance/security standards and procedures.C. Coordinates, develops, and evaluates security programs for an organization. Recommends informationassurance/security solutions to support customers' requirements.D. Identifies, reports, and resolves security violations.E. Establishes and satisfies information assurance and security requirements based upon the analysis ofuser, policy, regulatory, and resource demands.1Use or disclosure of this data is subject to the restrictions on the title page of this proposal or quotation.CDSLLCF.Supports customers at the highest levels in the development and implementation of doctrine andpolicies.G. Apply know-how to government and commercial common user systems, as well as to dedicated specialpurpose systems requiring specialized security features and procedures.H. Performs analysis, design, and development of security features for system architectures.I.Analyzes and defines security requirements for computer systems which may include mainframes,workstations, and personal computers.J.Designs, develops, engineers, and implements solutions that meet security requirements.K. Provides integration and implementation of the computer system security solution.L.Analyzes general information assurance-related technical problems and provides basic engineering andtechnical support in solving these problems.M. Performs vulnerability/risk analyses of computer systems and applications during all phases of the systemdevelopment life cycle.N. Ensures that all information systems are functional and secureQualifications...1. 6-10 years of experience developing, maintaining, and recommending enhancements to ISpolicies/requirements (Required)2. 6-10 years of experience performing vulnerability/risk analyses of computer systems/apps (Required)3. 6-10 years of experience identifying, reporting, and resolving security violations (Required)4. Patching Server 2008 / 2012 /2016 (Required)5. Patching Desktop Windows 10 / 7 (Required)6. Firewall management CISCO NGFW (Required)7. Vulnerability assessment tools Nessus, Tripwire (Desired)8. VMware 5.5 / 6.0 (Required)9. Production support (Required)10. Server and Desktop troubleshooting (Required)11. NIST 800-53 experience (Desired)12. Splunk (Desired)13. Cloud experience (MS Azure) (Desired)EDUCATION:Bachelor's Degree in IT or related field or equivalent experience (Required)