Information Security Specialist III

Job Title: Information Security Specialist III 



Job Location: Fort Cavazos, TX, 76543 



Security Clearance: 



Must be a U.S. Citizen. A high-level Department of Defense active Secret

security clearance is required. Applicants selected will be subject to a

security investigation and may need to meet eligibility requirements for

access to government information. 



Job Summary:



B Technology, LLC has an immediate opening for an Information Security

Specialist to join our rapidly growing team. B Technology, LLC is

looking for an enthusiastic, well-qualified individual to fill the

Information Security Specialist III position and to join our team of

qualified, diverse individuals. 



The Information Security Specialist Performs under general direction and

uses current information security technology disciplines and practices

to ensure the confidentiality, integrity and availability of Government

information assets in accordance with established standards and

procedures. Develops and maintains knowledgebase on changing regulatory,

threat, and technology landscapes to continually develop or maintain

security policies and standards, and ensures compliance throughout the

organization; Provides Risk Management Framework, circuit/system

accreditation and certification policy services; Participates in the

development or modification of the computer environment IA security

program plans and requirements; Develops procedures to ensure system

users are aware of their IA responsibilities before granting access to

DoD information systems; Recognizes possible security violations and

takes appropriate action to report the incident, as required; Ensures IA

security requirements are appropriately identified in computer

environment operation procedures; and collects and maintains data needed

to meet system IA reporting requirements. 



 



Job Requirements: 



- Responsibilities: (Not listed in order of importance; other

duties may be assigned) and must be able to perform the following with

minimal guidance: 



- Provide oversight for the Computer Network Defense-Service

Provider (CNDSP) 



- Work with system owners to close IAVMs/ICVMs and open Plan of

Action and Milestones (POA&Ms) in a rapid fashion, in accordance with

DoD instructions/directives. Review all POA&MS with the Program Manager

on at least a quarterly basis and update the POA&Ms accordingly. 



- Provide Defense in Depth principles and technology in security

engineering designs and implementation 



- Analyze existing and future systems, reviewing security

architectures, and developing engineering solutions that integrate

information security requirements to proactively manage information

protection 



- Apply security risk assessment methodology to system

development, including assessing and auditing network penetration

testing, antivirus deployment, risk analysis 



- Conduct Computer Incident Response Team (CIRT) activities,

including forensic analysis 



- Engineer and deploy network defense countermeasures such as

anti-virus, anti-spam, and intrusion detection and prevention system

solutions 



- Analyze IA security events, including threat model development

and resulting security risk analysis of systems 



- Review and assess information security events and logs via

sophisticated security information/event manager 



- Plan, implement, and manage a Defense In Depth for the total

network and/or enclaves within the network to include such items as:

scanning, remediation, host and network intrusion detection/prevention,

firewalls, proxy servers, web cache, virus programs, vulnerability

scanning, content filtering, remote dial in protection, Host Based

Security Services, Directory Services, and Certification and

Accreditation, DoD Instruction 5200.40, accreditation guidance and

advice IAW AR 25-2 and IA Best Business Practices (BBPs). Plan, respond,

investigate, and report undisclosed classified incident remediation.  



- Assess and mitigate system security threats/risks throughout

the program life cycle 



- Validate system security requirements definition and analysis

and review/approve System Security Plans for enterprise-wide

architectures 



- Maintain Agency public key infrastructure system Implement

security designs in hardware, software, data and procedures 



- Provide support for the Department of Defense (DoD) Public Key

Infrastructure (PKI) service. 



- Responsible for requesting, receiving, installation, and

accountability of system (server) PKI certificates and providing

technical support for PKI.  



- Provide Certification and Accreditation, as well as provide

Automated Information System Accreditation support  



- Provide Security Risk Assessment. Perform risk analysis of

resources, controls, vulnerabilities, impact of losing systems’

capabilities and threats to the mission objective; provide analysis to

facilitate decisions to implement security countermeasures or mitigate

risk; implement countermeasures; periodically review program. Recognize

possible threats and review evaluations for compliance and

non-compliance.  



- Proficiency in typing and reading from a computer screen for

job tasks. 



- Demonstrated mobility skills, including bending, reaching, and

kneeling to perform duties efficiently. 



- Capability to lift weights up to thirty (30) pounds as

needed. 



- Possession of a valid driver’s license. 



- Maintenance of a clean driving record. 



- Occasional use of company vehicle while on the work site. 



- Other duties as required 



Education / Certifications: 



- Bachelor’s Degree in Computer Science, Cybersecurity, Computer

Engineering, or related discipline 



- 3+ years of experience performing Information Assurance functions and

using RMF IT security controls and policies 



- Must possess and maintain an IT-I level certification IAW AR 25-2 and

IAT-II/IAM-II certifications IAW DoD 8570.01-M 



- Secret Clearance 



 



Knowledge:  



- Proficiency in information security technology disciplines and

practices to ensure the confidentiality, integrity, and availability of

Government information assets. 



- In-depth understanding of regulatory, threat, and technology

landscapes to develop and maintain security policies, standards, and

procedures. 



- Experience in providing Risk Management Framework, circuit/system

accreditation, and certification policy services. 



- Knowledge of Defense in Depth principles and technology in security

engineering designs and implementation, including analyzing existing and

future systems, reviewing security architectures, and developing

engineering solutions. 



 



Abilities:  



- Ability to organize, prioritize and meet deadlines 



- Ability to sit or stand for extended periods of time as necessary for

work. 



- Capable of conveying complex information in a simplistic manner 



- Strong critical thinking and problem-solving skills 



- Strong self-starter requiring minimal supervision 



- Able to take proactive measures to prevent problems rather than

reactive by nature 



- Strong verbal and written communication to effectively express

concepts, plans, and proposals 



Arena Technical Resources, LLC, (ATR) is an Equal Opportunity Employer

(EOE) who will provide equal employment opportunity to employees and

applicants for employment without regard to race, ethnicity, religion,

color, sex, pregnancy, national origin, age, veteran status, ancestry,

sexual orientation, gender identity or expression, marital status,

family structure, genetic information, or mental or physical disability.