IT Security Analyst 2

Job Title: IT Security Analyst 2

Location: Alpena, MI

Duration: 2 Months

Note: Selected candidates need to be on board Onsite. They need to pick their on- boarding documents and equipment manually. No expenses will be paid for travelling

Job Description:

Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended.

Years of Experience: 4-7 years of experience in the field or in a related area.

Job Summary:

Familiar with standard concepts, practices, and procedures within a particular field. Relies on limited experience and judgment to plan and accomplish goals. A certain degree of creativity and latitude is required. Works under limited supervision with considerable latitude for the use of initiative and independent judgment.

Monitor and advise on information security issues related to the systems and workflow at an agency to ensure the internal IT security controls for an agency are appropriate and operating as intended. Coordinate and execute IT security related projects for the agency. Coordinate response to information security incidents. Develop and publish Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance with State IT Security policies, standards, and guidelines.

Conduct campus-wide data classification assessment and security audits and manage remediation plans. Collaborate with IT management, Internal Audit, and SOM to manage security vulnerabilities. Create, manage and maintain user security awareness. Conduct security research and keep abreast of the latest security issues.

Position performs duties necessary to accomplish information technology and secure telecommunications functions and provide for customer services in support of programs essential to state Air National Guard daily operations, training, and readiness missions.

MAJOR DUTIES:

1. Responsible, in concert with the military cyber surety and cyber operations personnel, for accomplishment of the Risk Management Framework package. Ensuring that all access controls are all properly answered and updated in the on-line system of record. Ensures that all FISMA testing has been accomplished and updated as required. Reviews all information in ITIPS, SNAP, and GIAP for accuracy and submits changes and updates as needed. Scans the network for critical vulnerabilities and assists with mitigation efforts. Reviews and updates network policies, diagrams, and other evidence of secure operations. Research the NIST, DOD, and Air Force publications to ensure proper mitigations and compliance are being applied. Manage all port request submissions and validations.

30% of job

2. Assists primarily in management of the Communications Security (COMSEC) account, as an alternate to the COMSEC Account Manager (CAM) for the base and any ground separated units (GSUs). Assists in ensuring that the COMSEC Responsible Officers (CRO) comply with Air Force, National Guard, State, Federal Laws and applicable regulations. Acts in concert with the primary as the sole point of contact to the Base Commander concerning the Base COMSEC posture. Assists in providing a staff level function by overseeing and managing all levels of customer support. Ensures effective control of network requirements by providing a central point of contact for actions to include resolving resource conflicts, assisting system users, reviewing outstanding requirements, assessing and validating priorities, and providing solution advice to customer problems. Working with the primary notifies Cyber Systems Superintendent of outstanding network security problems. Ensures the coordination, development and implementation of a number of user and customer oriented training programs for computer and software systems, programs, and procedures.

15% of Job

3. Serves as Alternate Equipment Control Officer (ECO). Assists the primary ECO in the responsibility for the inventory of computers, LAN remote terminals, software, and peripheral equipment. This responsibility entails: submitting newly acquired equipment, equipment location frequency of maintenance, cost, and points of contact for inclusion in the Air Force Equipment Management System (AREMS) or Information Processing Management System (IPMS). Ensures proper disposal and disposition of all Automated Data Processing Equipment (ADPE).

15% of Job

4. Assists in the management of the Network Security Program. Implements and advises on IT security policies and procedures to ensure protection of information transmitted to the installation, among work centers on the installation, and from the installation using LAN, WAN, the World Wide Web, or other communications modes. Utilized current and future multi-level security products collectively to provide data integrity, confidentiality, authentication, non-repudiation, and access control of the LAN. Reports to MAJCOM, Air Force Communications Agency, National Security Agency, and/or Air Force Computer Emergency Response Team all incidents involving viruses, tampering, or unauthorized system entry. Controls access to prevent unauthorized persons from using network facilities. Limits access to privileged programs (i.e., operating system, system parameter and configuration files, and databases), utilities, and security-relevant programs/data files to authorize personnel. Implements methods to prevent or minimize direct access, electronic or other forms of eavesdropping, interpreting electro-mechanical emanations, electronic intercept, telemetry equipment, or processes. Evaluates unusual circumstances to recognize and define potential vulnerabilities and selects and oversees the installation of physical and technical security barriers to prevent others from improperly obtaining such information. Conducts the Information Assurance Awareness Program which uses computer-based training for both initial and recurring information protection training. Maintains required course records for all unit personnel

5. Oversees the work center Quality Assurance program. Ensures equipment inspection schedules are being adhered to and updated as needed/required. Responsible for accomplishing or ensuring accomplishment of all inspections on the schedule. Responsible for the answering of any QA related programs in MICT. Briefs immediate leadership, as needed, on issues in accomplishing any portions of the program. Reviews any AF679 (Air Force Publication Compliance Item Waiver Request/Approval) yearly, or as needed to ensure if continued waivers are still in the best interest of the work center and base as a whole.

6. Provides input to and coordinates, as part of the Comm work center, on relevant support agreements, and service level agreements (SLA s), that require work center support to make sure they correctly identify products and services needed. Maintains knowledge of emerging technologies, reviews technical periodicals, publications, commercial standards, and attends seminars

7. Other Duties as assigned.

Required/Desired Skills

Skill Matrix