Dell
Security Services Manager
Washington D.C. Metro Area, US - Computer Hardware, Computer Software, Information Technology and Services
Job Description
Manage a small security services team to maintain and elevate NARA security posture. Identify and implement proactive security best practices. Perform individually and through the team the following duties:
Patch management and vulnerability management as a security practice to proactively prevent the exploitation of vulnerabilities that exist within an organization. Develop and manage a security patch and vulnerability management program.
Assist NARA in the management of access to NARANet. This includes, but is not limited to, system interconnections, account privileges, and access to the data center and computer rooms.
Manage NARAs anti-malware system and responds to incidents according to NARA policies and procedures.
Ensure that perimeter and internal network devices are operated and maintained in accordance with NARA, and federal policy.
Coordinate security activities with other Vendors that may manage network devices for NARA.
Ensure operation and configuration of systems and network in such a way that unauthorized devices are not allowed to be connected to the network.
Assist in the management of Assessment & Authorization (A&A), Federal Information Security Management Act (FISMA), and Plan of Actions & Milestones (POA&M) activities for NARANet. NARA uses a methodology that includes continuous diagnostics and mitigations for the continuous authorization of the system.
Update the NARANet General Support System (GSS) System Security Plan annually. NARANets System Security Plan is a series of security plans covering various subcomponents with one overarching security plan that covers common controls for the subcomponents.
Monitor the security state of the servers, workstations, and infrastructure devices is an important part of the continuous authorization of NARAs IT systems. Monitor the security state of all assets included within the scope of this contract. Monitoring should meet NARA and Federal IT security requirement.
Ensure protection of storage media in accordance with NARA and Federal policy and guidelines.
Support NARAs efforts in ensuring that NARAs policies regarding the appropriate use of IT resources are enforced.
From time-to-time, US-CERT will send out action bulletins. These bulletins may contain indicators of malicious activity, the disclosure of new vulnerabilities, or directives to apply patches. Respond to these bulletins in a manner as defined by NARA.
Support NARAs efforts to develop contingency plans and conduct contingency plan testing.
Perform additional duties are requested which may include performing system administration functions, Tier II support, and implementation of IT projects. Be willing and available to work in excess of 40 hours per week, as required. Provide after hours and on-call support as needed.
Required Skills
CISSP certification
Desired Skills
Education
Bachelors Degree or equivalent experience
Experience
8 years general IT experience, including 4 years of relevant experience; CISSP certification.
Requirements
Hazards
No salary provided
Posted June 30, 2014 at 05:03AM from LinkedIn http://ift.tt/1z1wEml
via IFTTT
No comments:
Post a Comment