Denver, Colorado, United States
|Computer Systems Security Specialist 4|
|Engineering & IT|
| Designs, tests, and implements state-of-the-art secure operating systems, networks, and database products. Conducts risk assessment and provides recommendations for application design. Involved in a wide range of security issues including architectures, firewalls, electronic data traffic, and network access. Uses encryption technology, penetration and vulnerability analysis of various security technologies, and information technology security research. May prepare security reports to regulatory agencies. |
PRIMARY DUTIES AND RESPONSIBILITIES:
Under the direction of the Information Security Manager (ISM), the IT Security Analyst shall be responsible for the overall Information Security Architecture of the environment and implementation and/or support of Information Security network monitoring activity to include IDS/IPS, vulnerability identification and remediation, firewall rules/settings/reviews, access log reviews, antivirus/malware management.
-Define Network, Server, Workstation, Desktop and Laptop hardening specifications
-Define authentication and identity management requirements
-Perform design review of information security architectural designs and define approved tools and resources
-Conduct research, identify and test vulnerabilities in the areas of the information system and networks security
-Evaluate connection requests and perform security risk assessments and responses
-Develop and manage security status metrics reports to Leadership
-Coordinate and conduct special projects as directed by the ULA ISM
-Perform Site Assessments
|Safety to Self and Others: Must be able to perform all assigned tasks in a safe manner. While performing the duties of this job, the employee may be exposed to repetitive motion injuries due to keyboarding or to cuts and bruises due to typical office accidents. Physical Demands: While performing the duties of this job, the employee is regularly required to use computer and office equipment and to use hands to type, manipulate, handle, and feel; reach with hands and arms; talk; and hear. The employee frequently is required to stand, walk, and sit. The employee is occasionally required to climb, balance, bend, stoop, kneel, or crouch. The employee must regularly lift and/or move up to 10 pounds and occasionally lift and/or move up to 50 pounds. Specific vision abilities required by this job include close –vision and ability to adjust focus. Work Environment: The noise level in the work environment is typical of most office environments with telephones, personal interruptions, and background noises. Mental Functions: While performing the duties of this job, the employee is regularly required to communicate verbally and in writing and use interpersonal skills. The employee is regularly required to prioritize, multitask, analyze, interpret, coordinate, compile, evaluate, synthesize, compute, problem solve, concentrate, and think critically. The employee is occasionally required to copy, instruct, and negotiate. Judgment and Decision-Making: Work is regularly assigned by self, supervisor, and departmental staff. While performing the duties of this job, the employee is regularly required to exercise prudent judgment, decision making, and analytical skills to determine manner and operational steps necessary to properly handle inquiries and perform daily tasks within professional standards. Decision making is guided by ULA policies and procedures. All tasks described in the job description must be met by an employee to successfully perform the essential functions of this job. The duties and responsibilities listed are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of fundamental job duties and responsibilities does not exclude them from the position if the work is similar, related or a logical assignment for the position. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions. Security Clearance / International Traffic In Arms Regulations (ITAR) This position requires use of information which is subject to the International Traffic In Arms Regulations (ITAR). Therefore, all applicants must be U.S. Persons as defined in ITAR 120.15 (e.g., U.S. Citizen or Permanent Resident (Green Card holder) or protected individual. Also see 8 U.S.C. 1101(a)(20) and 8 U.S.C. 1324b(a)(3) for additional information.) ULA is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, national origin, disability, protected veteran status or any other categories protected by law. ULA is a participant in the federal E-Verify Program. Posters in PDF format pertaining to this program can be accessed by clicking on the links identified below. E-Verify Participation poster (English | Spanish ) and Right to Work poster (English | Spanish ).|
| -Bachelors Degree |
-10 years Information Technology experience
-5 years professional experience working in Information Security in a computer/network/security analyst role providing Information Security design reviews, setting hardening specifications, implementing secure infrastructures and developing risk assessment and mitigation plans.
-Hands on experience with Information Network Security Devices (one or more of: IDS/IPS, Firewalls, Mail Relay/SPAM Filters, Web Proxies, Network Access Control)
-Hands on experience with Windows and UNIX/Linux Systems
-Working knowledge of network protocols (e.g. TCP/IP, routing protocols (i.e. EIGRP, IGRP, RIP, OSPF, BGP))
-Experience with Security Information and Event Monitoring (SIEM) systems or log management and analysis
-Experience working in highly regulated environments supporting or serving governmental customers (i.e. Aerospace, DoD, DoE, DHS, or other Federal, or State entities
-Proven ability to effectively communicate technical security requirements across multiple lines of business operations.
-DoD Secret Clearance
| -10 years experience working in Information Security organization for a multi-site, Aerospace and Defense Company in an NIST800-xx, FISMA, DIACAP, NISPOM or ISO 27000 environment |
-Demonstrated experience managing authentication systems (i.e. RSA SecurID, Active Directory, LDAP, NIS, Oracle Identity Manager, etc)
-Demonstrable experience designing, integrating or supporting Internet perimeter services.
-Experience performing security hardening on Active Directory and modern Windows Operating Systems (e.g. Windows 7/10, Windows Server 2008/2012/2014).
-Experience developing hardening standards for operating systems and applications and testing compliance to standards.
-Experience with Data Loss Prevention Systems (DLPS)
-Experience configuring and managing antivirus and host intrusion protection systems (e.g. McAfee ePO and HIPS)
-Experience developing and performing Risk Assessment based on NIST-800-37 framework
-Experience with managing outsourced service providers
-Experience performing in or managing a computer incident response team. Experience on a CIRT team dealing with Advanced Persistent Threats is a plus
-Excellent analytical and problem solving skills
-DoD Top Secret/SCI clearance