IA Cyber Security Engineer lead, supports JRDC Infrastructure Engineering Information Assurance. Skills and certifications are focused on Computer Network Defense Service Provision from an Information Assurance perspective. Responsibilities include but are not limited to functioning in a CNDSP position performing vulnerability scanning and reporting, utilizing Defense Information Systems Agency (DISA) approved tools. Will develop anti-malware techniques, understanding and implementing INFOCON/CYBERCON changes within an enterprise. Responsible for managing an effective Information Assurance Vulnerability Management (IAVM) program across multiple enclaves. Will fulfill Network Security Monitoring/Intrusion Detection functions. Will work network security incidents to include identification, reporting, and analysis. Will provide technical security engineering support and apply system security engineering principles to provide realistic configuration management solutions designed to enhance the MDA security posture. Specific expertise include but are not limited to patch management with a focus on utilizing DISA tools like Vulnerability Management System (VMS); Infrastructure Design; Troubleshooting Techniques; Systems Security; and Documentation Development.

This position requires the use of IA/Computer Network Defense direction from the Defense Information Systems Agency (DISA) along with industry best practices for strategic planning and consultation; performing vulnerability scans with automated tools such as Retina, Gold Disk, STIG's and SRR scripts; familiarity with Windows Active Directory and Windows application security. It frequently involves infrastructure design for systems security and documentation development, strong writing and project management skills are necessary to oversee and lead engineering projects and produce documentation required for certification evaluations. It also applies knowledge of configuration management, wireless system security, Unix operating systems, the Department of Defense (DoD) patching program, DoD C&A process, open source software operating systems, TEMPEST enforcement, CAC/PKI technology, security incident handling, software testing and evaluation, Common Criteria requirements and FIPS 140-2 standards. Additionally, this position necessitates the ability to quickly adapt to new situations and the capacity to de-conflict requests/requirements

As the IAM for the 4th Infantry Division I am responsible for the supervision of eight personnel and four subordinate IA programs. The IAM also develops and enforces a formal IA security and training program as well as; develops procedures for immediate notification and recall of IA personnel as necessary; enforcing IAVM dissemination, reporting, compliance, and verification procedures; reporting security violations and incidents to the unit Commander, FORSCOM IAPM, and servicing RCERT. Manage IASOs, as required, to establish scope of responsibilities. Conduct semi-annual reviews of all Information Systems (IS) and networks Negotiate C&A issues with the DAA, for incoming systems, and make recommendations. Validate and maintain training and certification records for appointed IA personnel and user IA awareness training records in ATCTS database. Ensure the use of Army approved procedures for clearing, purging & releasing system memory, media output, and devices. Review all IA C&A support documentation. review all IA C&A support documentation. Maintain a repository for all systems C&A documentation and modifications. Identify data ownership for each IS or network within their Authority Verify that all ISs are certified and accredited in accordance with DIACAP, Networthiness and CM policies. Serve as a voting member of an applicable Configuration Control Board CCB where one exists. Ensure that IA personnel are maintaining and auditing access and log data .Provide input to the FORSCOM IAPM for management controls. The FORSCOM IAM/IAPM will provide policy and guidance to all subordinate IAMs. Corps/Div/Bde IAMs will ensure their Command is registered in the Information System Security Program (ISSP) database and will provide unit IA resource requirements to the FORSCOM IAPM.