Information System Security Engineer - Team LeadFull-timeRemote / Telework•Serve as the ISSE Team Lead for the RE-AC-Team, providing proper training and guidance of current processes and procedures of C&A Package Development.•Serve as the ISSE Team Lead for the DCS/Platforms Tower, providing proper training and guidance of current processes and procedures of C&A Package Development.•Conduct reviews of C&A Packages prior to them being approved to submit to the Government for validation and ATO approval.•Hardware and Software product testing with total solution level verification utilizing common tools such as ACAS, DISA STIG’s, and DISA SRG’s.•Develop and update C&A artifacts, and solution concept and design.•Develop deliverables in order to meet customer’s written requirements as well as meet security requirements as outlined in DISA STIG’s and SRG’s.•Review and evaluate various testing reports, such as ACAS, and effectively mitigate reported vulnerabilities and help assess risks.•Provide dedicated support to ensure the continuous maintenance of the Information Assurance (IA) posture of the USN’s NMCI systems and solutions.•Responsible for interfacing with other principals to identify and plan for IA requirements.

•Serve as the ISSE Team Lead for the RE-AC-Team, providing proper training and guidance of current processes and procedures of C&A Package Development.•Serve as the ISSE Team Lead for the DCS/Platforms Tower, providing proper training and guidance of current processes and procedures of C&A Package Development.•Conduct reviews of C&A Packages prior to them being approved to submit to the Government for validation and ATO approval.•Hardware and Software product testing with total solution level verification utilizing common tools such as ACAS, DISA STIG’s, and DISA SRG’s.•Develop and update C&A artifacts, and solution concept and design.•Develop deliverables in order to meet customer’s written requirements as well as meet security requirements as outlined in DISA STIG’s and SRG’s.•Review and evaluate various testing reports, such as ACAS, and effectively mitigate reported vulnerabilities and help assess risks.•Provide dedicated support to ensure the continuous maintenance of the Information Assurance (IA) posture of the USN’s NMCI systems and solutions.•Responsible for interfacing with other principals to identify and plan for IA requirements.

The primary objective is to achieve and maintain ATO (approval to operate) from the Designated Approval Authority (DAA) for all U.S. Navy workplace systems to include workstations, servers, networks, printers, software and peripherals for over 300,000 client seats.• Assist systems engineers in meeting DISA established security profiles as well as customer determined Information Assurance objectives. Edit engineering documentation prior to submission for review by the customers IA review board. Assist the Domain Architect in presenting engineering designs and plans to the customers IA review board.• Create original DIACAP submissions for new systems and incorporate updates to pre-existing systems. Collect and review related information security artifacts (certifications, test results, configuration documentation) for C&A review.• Coordinate the timely testing and reporting of test results for various hardware and software solutions and systems. Perform actual tests and reviews as required to include ACAS and Retina vulnerability scans, SCAP Benchmark tests and manual STIG reviews.• Remediate or mitigate all outstanding vulnerabilities in accordance with DISA guidance to include changing device security profiles and settings, updating GPO’s and patching systems. Report and reconcile False Positives from testing and request exception acceptance from the DAA.• Create and execute Test Plans, collecting and documenting results for DIACAP submittal. Create or update Risk Assessment Review reports.• Function as the liaison in person, in writing and over the phone to Vendor representatives and to customer IA Validators as well as Certification Authorities addressing the IA posture of various packages and systems.<>Team Lead<>CompTIA Sec+<>SAFe 4 Practitioner

The primary objective is to achieve and maintain ATO (approval to operate) from the Designated Approval Authority (DAA) for all U.S. Navy workplace systems to include workstations, servers, networks, printers, software and peripherals for over 300,000 client seats.• Assist systems engineers in meeting DISA established security profiles as well as customer determined Information Assurance objectives. Edit engineering documentation prior to submission for review by the customers IA review board. Assist the Domain Architect in presenting engineering designs and plans to the customers IA review board.• Create original DIACAP submissions for new systems and incorporate updates to pre-existing systems. Collect and review related information security artifacts (certifications, test results, configuration documentation) for C&A review.• Coordinate the timely testing and reporting of test results for various hardware and software solutions and systems. Perform actual tests and reviews as required to include ACAS and Retina vulnerability scans, SCAP Benchmark tests and manual STIG reviews.• Remediate or mitigate all outstanding vulnerabilities in accordance with DISA guidance to include changing device security profiles and settings, updating GPO’s and patching systems. Report and reconcile False Positives from testing and request exception acceptance from the DAA.• Create and execute Test Plans, collecting and documenting results for DIACAP submittal. Create or update Risk Assessment Review reports.• Function as the liaison in person, in writing and over the phone to Vendor representatives and to customer IA Validators as well as Certification Authorities addressing the IA posture of various packages and systems.

•Responsible for interfacing with other principals to identify and plan for IA requirements.•Responsible for the development and/or delivery of requisite documents (i.e. Authority to Operate (ATO), Interim Authority to Operate (IATO), Authority to Connect (ATC), in accordance with both the DoD Information Assurance Certification and Accreditation Process (DIACAP) and Risk Management Framework (RMF).•Responsible for the vulnerability scanning using both Assured Compliance Assessment Solution (ACAS) and SCAP Compliance Checker (SCC).•Provide Cybersecurity assistance to other agencies in the CAMEO project.

•Provided dedicated support to ensure the continuous maintenance of the Information Assurance (IA) posture of C2 and C4ISR systems support.•Responsible for meeting IA requirements in response to expeditionary-ready air-ground task forces in response to Joint Operations.•Responsible for interfacing with other principals to identify and plan for IA requirements.•Responsible for providing subject matter expert guidance in the development and/or delivery of requisite documents (i.e. Authority to Operate (ATO), Interim Authority to Operate (IATO), Authority to Connect (ATC), Interim Authority to Connect (IATC, etc.) in accordance with the DoD Information Assurance Certification and Accreditation Process (DIACAP).•Responsible for the coordination of relevant program requirements, ensuring readiness for appropriate operational support, and representing the IA interests on behalf of the requesting section.•Responsible for the execution of a comprehensive IA program and system C2 support necessary for availability, access and employment.•Responsible for reviewing and testing IA Security vulnerabilities throughout all phases of a deployment.•Responsible for the testing and evaluation of the security posture of all programs within the requesting section as well as other systems and applications as directed.•Responsible for the support for Red Team penetration testing, Blue Team support, and risk mitigation development of vulnerabilities isolated by the testing program.

•Install, configure, manage and maintain Microsoft SharePoint servers and Microsoft SQL servers.•Create and configure SharePoint sites and site collections as well as databases and services.•Responsible for the back-up and recovery of SQL and SharePoint servers on a test environment as well as production tactical domains.•Responsible for establishing and maintaining end user access policies and permissions.•Responsible for implementing and maintaining search services, including defining search scopes.•Responsible for implementing and maintaining user profile properties, including “MySites” functionality.•Responsible for proper and proficient implementation of SharePoint security practices and procedures.•Assist in the proper implementation of all computer networks and USMC C4 systems in a tactical Combat Operations Center (COC).

•Oversee the implementation of information systems and network security principles, policies, and procedures as well as the department of Defense Information Assurance Certification and Accreditation Process (DIACAP) in order to defend against unauthorized access and network attacks.•USMC C4 systems integration, analysis and technical troubleshooting•Coordinate and supervise II Marine Expeditionary Force (MEF), Major Subordinate Commands (MSC), and Major Subordinate Elements (MSE) information assurance representatives in the execution of the II MEF cyber security program.•Direct the incident reporting program to ensure the proper handling and reporting of incidents to Headquarters Marine Corps.•Develop protective and/or corrective measures for discovered security issues to ensure appropriate certification and accreditation documentation is developed within the II MEF.•Conduct security audits and inspections of the II MEF tactical and garrison networks to ensure compliance with all NSA, DoD, DoN, USMC, and organizational policies, and procedures as well as the Department of Defense Information Assurance Certification and Accreditation Process.•Advise leadership on computer network defense requirements and emerging computer and exploitation methodologies by developing and implementing Information Assurance Vulnerability Management (IAVM) plans.•Review, approve and forward to higher headquarters, all tactical and garrison Certification and Accreditation packages for the II MEF as well as all II MEF MSC’s, and MSE’s.

•Assist in the planning and supervision of the employment, installation, operation, and maintenance of single channel (HF, VHF, UHF, and UHF SATCOM to include demand assigned multiple access (DAMA)) radio networks, multichannel (UHF, SHF, to include GMF, AND EHF) radio systems, enhanced position location and reporting system (EPLRS) networks, voice and message switching networks, and data communications networks.•USMC C4 systems integration, analysis and technical troubleshooting•Assist in the planning and supervision of the operational employment of the company.•Assist in the Supervision of detachment level system control center (SYSCON) operations overseeing the overall status of all communications circuits within the communication detachment's purview.•Assist in the management of all aspects of company training and capability exercises.•Assist in the planning and supervision of the handling, embarkation, storage, management and disposal of hazardous material (HAZMAT).

•Providing subject matter expert guidance in the development and/or delivery of requisite documents (i.e. Authority to Operate (ATO), Authority to Connect (ATC), in accordance with the DoD Information Assurance Certification and Accreditation Process (DIACAP).•Plan, coordinate and implement information systems and network security principles, policies, and procedures by developing and implementing plans in order to defend against unauthorized access and network attacks.•C4 systems integration, analysis and technical troubleshooting•Coordinate and supervise MEU MSE, information assurance representatives in the execution of the 26 MEU cyber security program.•Ensure the proper handling and reporting of incidents to higher Headquarters.•Develop all tactical and garrison Certification and Accreditation (C&A) documentation for the 26 MEU as well as all Major Subordinate Elements were developed and submitted to higher headquarters in accordance with the DoD IA C&A•Conduct security audits and inspections of the 26 MEU as well as MSE’s tactical and garrison networks to ensure compliance with all NSA, DoD, DoN, USMC, and organizational policies, and procedures.•Advise leadership on computer network defense requirements and emerging computer and exploitation methodologies.•Identify, coordinate, and implement requirements for the organizations communications network, to include SIPRNet, NIPRNet, Defense Switching Network (DSN) Telephone, Voice Over Secure Internet Protocol (VOSIP), and Combined Enterprise Regional Information Exchange (CENTRIX).•Identify, coordinate, and implement hardware and software requirements for the units communications network, to include Microsoft Server 2008, Microsoft Exchange 2003 and 2007, Microsoft SharePoint Server 2007, VMware, NetApp FAS2050 clusters utilizing NFS for all network and VMware data storage, Microsoft Office Suites, Public-key Infrastructure, Blue Force Tracker, Command Post of the Future, and Voice Over IP.

•Supervise computer network incident handling and response through network event monitoring, threat mitigation, and enterprise incident response.•USMC C4 systems integration, analysis and technical troubleshooting•Supervise the successful execution of a 24x7 intrusion detection, protection, and monitoring capability across the Marine Corps Enterprise Network (MCEN).•Recommend solutions and oversee response to Joint Task Force Global Network Operations (JTF-GNO) tasking orders and directives that pertain to network defense.•Assisted all tactical units within the USMC on the proper implementation of C2 systems in a COC environment as well as the proper incorporation and utilization of Information Assurance hardware and software tools. •Oversee the training, welfare and execution of duties for 15 Marines and 12 contractors within the Marine Computer Emergency Response Team (MARCERT).•Ensure documentation and continuous revision of the Tactics, Techniques and Procedures (TTPs) that MARCERT employs to accomplish its mission.

•Plan, coordinate and implement information systems and network security principles, policies, and procedures by developing and implementing IAVM plans in order to defend against unauthorized access and network attacks.•USMC C4 systems integration, analysis and technical troubleshooting•Coordinate and supervise in the execution of the 8th Communication Battalion Information Assurance program.•Direct the incident reporting program to ensure the proper handling and reporting of incidents to higher Headquarters.•Prepare all tactical and garrison C&A documentation for 8th Communication Battalion and submit to higher headquarters in accordance with the DoD Information Assurance Certification and Accreditation Process.•Oversee protective and/or corrective measures for discovered security issues to ensure appropriate certification and accreditation documentation is developed within 8th Communication Battalion.•Conduct security audits and inspections of the 8th Communication Battalion tactical and garrison networks to ensure compliance with all NSA, DoD, DoN, USMC, and organizational policies, and procedures.•Advise leadership on computer network defense requirements and emerging computer and exploitation methodologies by developing and implementing IAVM plans.•Advise leadership on all matters pertaining to the welfare of the organization.•Coordinate with Battalion Operations on all missions to which the Tactical Data Network Gateway equipment is utilized.•Plan, coordinate, install and manage the hardware and software within the Tactical Data Network Gateway equipment to include Microsoft Server, Microsoft Exchange, Microsoft Office Suites, Cisco Switches and Routers.•Plan and execute network policies and procedures for the organization tactical communication networks supporting several units on the east coast.

•USMC C4 systems integration, analysis and technical troubleshooting.•Supervise all computer networks, hardware, software, and electronic classrooms including Microsoft Server, Microsoft Exchange, and Microsoft Office Suites, as well as Cisco switches and routers.•Train and supervise the data section on hardware and software standards such as Norton Ghost, Microsoft 2000 Professional, and Microsoft Exchange 5.5.

•Establishing and maintaining both tactical and garrison Local Area Networks, as well as Wide Area Network connectivity.•Training of employees in the areas of network installation and maintenance and computer repair.•Plan, Coordinate and execute tactical data communications for all field exercises, including 4 Weapons Training Instructions (WTI).

•Establishing and maintaining both tactical and garrison Local Area Networks, as well as Wide Area Network connectivity.•Training of employees in the areas of network installation and maintenance and computer repair.•Plan, Coordinate and execute the transition from Banyan Vines to Windows NT.•Team lead for the installation, management, and long term maintenance of equipment for Main side, Camp Lejeune.