Cyber-Security Technical Administrator

• Serve as overall subject matter expert on Cybersecurity Technical Administrator technology and market capabilities/trends
• Conduct security scans against the organization’s cloud-deployed infrastructure, produce and interpret compliance reports
• Validate technical security controls are in place for operating systems, applications and network appliances, and recommend enhancements
• Review proposed configuration changes for security impact
• Operate endpoint-protection mechanisms, including high-level reporting and day-to-day administration activities
• Work between technical and policy teams to implement, maintain and monitor technical security configuration controls, including: STIG’s, SRG’s and other industry security hardening guidance
• Work between technical and policy teams to successfully implement and manage requirements for maintaining cloud P-ATO, ATO and security control inheritance capabilities
• Collaborate with internal and external parties to transform high-level technical objectives into comprehensive technical requirements
• Use results of vulnerability scans to determine vulnerabilities and develop operational plans to remediate or mitigate vulnerabilities as they are discovered
• Install, operate and maintain Army Endpoint Security System
• Manage ALTESS Cybersecurity training and certification program using the Army Training and Certification Tracking System
• Assist hosted customers in obtaining and maintaining RMF and other certifications as required
• Review and document change requests
• and determine approval or denial of requests
• Update and/or assist the hosted system’s personnel in updating artifacts of the RMF
• i.e., system diagrams (logical and physical) Hardware/Software/Firmware Inventory, Interface & Ports, Protocols and Services listing, etc.
• Interact with the Army CSSP, C5ISR and customer ISSOs/ISSMs on a regular basis

• Mid to senior level Cybersecurity Technical Administrator experience in a cloud environment
• DoD 8570.01-M IAT level II certification is required
• Resource must possess both Baseline and Computing Environment certification as defined in DoD Instruction 8570.01-M
• Strong verbal and written communication skills
• Understanding of DOD Risk Management Framework Assessment & Authorization (RMF A&A), FedRAMP, the DOD cloud provisional authorization (PA) process and the processes to successfully acquire and maintain an Authorization to Operate (ATO)
• Working knowledge of the Federal Risk and Authorization Management Process (FedRAMP), cloud security information impact levels (IL), the differences between an ATO and P-ATO, the differences between a CSO and CSP, and the processes to successfully acquire, maintain and support DOD cloud accreditation
• Experience automating routine administrative tasks desired
• Understanding of network, storage, server and application technologies
• Strong understanding of common cyber threat patterns, indicators of compromise and defenses
• Working knowledge of DoD STIGs and IA Vulnerability Management (IAVM)
• CompTIA Security+
• Computing Environment (CE) Certification (i.e., MCSE, Server+, etc.) – can be waived for 30 days after project join date
• DOD Secret (Fully Adjudicated) clearance, as a minimum
• Information Assurance Engineer – Senior: Masters +10yrs, or Bachelors +12yrs
• Information Assurance Engineer – Intermediate: Bachelors +5yrs or Associates +7yrs

Experience automating routine administrative tasks desired