• Help

    Duties

    Summary

    This position is located in the Government Accountability Office (GAO), Information Systems and Technology Services (ISTS), Information Systems Security Group (ISSG). ISSG is responsible for GAO's information security program. The purpose of this position is to perform the operational activities of the Security Operations Center (SOC), develop methods, approaches, and procedures to enhance security measures.

    Learn more about this agency

    Responsibilities

    • Provides information and feedback on organizational efforts to comply with the Federal Information Security Management Act (FISMA), National Institute of Standards and Technology (NIST), and GAO's internal Performance and Accountability reporting requirements.
    • Coordinates and drafts risk mitigation action plans for any risks or vulnerability that is identified during assessment reviews.
    • Investigates security breaches to determine impact and prevent recurrence.
    • Supports network assessments that identify and troubleshoot anomalies; participates in the security incident response program; provides constant analysis of network traffic; and initiates a forensic review of potential breaches in the agency's security posture.
    • Drafts standard operating procedures, configures, updates, and maintains security technologies (listed below) in support of existing “defense in depth” implementations of security technologies:

      1) Firewall Management, Configuration, and Monitoring

      2) Web Proxy Management and Monitoring

      3) Internet Web Management and Monitoring

      4) Correlation Engine (SIEM) Management and Monitoring

      5) Network IDS Management and Monitoring

      6) Host IDS Management and Monitoring

      7) Network and Netflow Management and Monitoring

      8) Network Activity Management and Monitoring

      9) Secure Network Access Management and Monitoring

      10) Internal Access Controls (ACL) Management and Monitoring

      11) Network Access Control (NAC-802.1x) Management

      12) Workstation Security Personal Firewall Management

      13) Workstation Security Spyware/Malware Management and Monitoring

      14) Workstation Security Encryption Management and Monitoring

      15) Workstation and network two-factor authentication

    Travel Required

    Not required

    Supervisory status

    No

    Promotion Potential

    NA

This job originated on www.usajobs.gov. For the full announcement and to apply, visit www.usajobs.gov/GetJob/ViewDetails/518713900. Only resumes submitted according to the instructions on the job announcement listed at www.usajobs.gov will be considered.