Sr. Systems Administrator / IA Security Specialist (Tier 3)
Location: San Antonio, TX
Type: Full Time
Minimum Experience: Senior Level
Security Clearance Level: Ability to obtain a Public Trust
*The clearance level stated above must be met for consideration for this specific opportunity. Unfortunately, FTC is unable to sponsor at this time.
Military Veterans and individuals with disabilities are encouraged to apply!
Favor TechConsulting, LLC (FTC) is seeking a Sr. Systems Administrator/ Information Assurance (IA) Security Specialist with experience producing in a federal government project environment.
This individual will be a part of a team responsible for completing project tasks as assigned by the manager. They will provide operational and business support services to carry out program objectives. In addition, this individual will also provide support for a varying number of Health IT services, including innovative Health IT solutions, health informatics, emerging Health IT research, and other IT services. Lastly but not limited to, they will provide assistance to the manager in determining schedules, in reviewing deliverables, and in participating in project reviews.
Essential Job Functions & Responsibilities:
- Serve as a Senior Systems Administrator and Information Assurance Specialist providing senior level Tier 3 support services
- Track and report status of major projects and deliverables to include; Risk Assessments, Risk Acceptance, accreditation and authorization efforts (A&A), Control Correlation Identifier (CCI) completion, Plan of Action and Milestones
- Recommend corrective actions and process improvements
- Maintain responsibility for accuracy and timeliness of inputs to eMASS and other accreditation requirements
- Provide direct support to the Information Systems Security Officer (ISSO) for all DHA managed systems under the ISSO’s responsibility
- Ensure network resources are in compliance with DoD IA and security policies and vulnerability alerts, all IAVAs and any other technical advisories identified by the USCYBERCOM/DHA
- Provide fixes for all Category 1, Category A and other urgent rated vulnerabilities within 21 days.Note that some vulnerabilities may require manual remediation(s) or a shorter timeframe
- Resolve Category 2 and 3 rated vulnerabilities during the routine maintenance window
- Administer, record, and support the upkeep of all network resources and any implemented changes as reported by the Continuous Monitoring and Risk Scoring (CMRS)/ACAS/other scanning tools
- Ensure all discovered discrepancies or security vulnerabilities, such as missing patches or perceived gaps in network security, are immediately resolved through the necessary DHA offices and service functions
- Plan of Actions and Milestones (POA&Ms) shall be created, maintained, and followed through to resolution for issues requiring additional time for testing, solutions development, team collaboration, and deployment
- POA&Ms will include detailed/applicable risk mitigation statements, and appropriate milestone dates
- Perform IA scans of network enterprise devices using tools such as, Security Content Automation Protocol (SCAP) Compliance Checker (SCC) Tool, manual checks, DISA STIG Viewer, ACAS Nessus Scanner, and ACAS Security Center
- Perform routine and random testing of servers and devices to ensure 100% security compliance
- Validate deployed security patches and solutions to ensure proper installation and function
- Maintain and validate asset lists within ACAS and eMASS
- Maintain 95% of credentialed scans by resolving non-credentialing, dead, or misconfigured assets
- Report any security violations and incidents up the chain of command within established timeframes.
- Reply and report to security and associated taskers
- Ensure log files and audits are maintained and reviewed for all systems, and that authentication policies (i.e., password) are audited for compliance
- Review and evaluate the effects of security system changes, including interfaces, with other Information Systems (IS) and document all changes
- Ensure that all IS within area of responsibility (e.g. mJAD, AMEDD, North Beach Pavilion LAN) are certified and accredited via the Risk Management Framework (RMF) or comparable accreditation process
- Note: Legacy accreditations may sunset, transition, or migrate to other existing or newly created accreditation boundaries
- Maintain and update in eMASS or other RMF system as required
Required Minimum Qualifications
- Bachelor’s Degree or higher in Information Technology, Computer Science or related discipline
- (5+) Five years of relevant hands-on experience providing systems administration and IA security (preferably as a Tier 3 level support)
- MCSA or MCSE Microsoft Certifications (Note: Some retired Microsoft certifications may still be considered for this opportunity)
- The selected candidate must currently hold or be willing to obtain the appropriate required certification(s) in order to perform specific tasks, if requested (Note: Required certification(s) would be supplied by employer if not already actively held)
U.S Citizenship is required for this specific opportunity and all selected applicants will be subject to a government security investigation. This includes but not limited to; meeting the eligibility requirements for access to classified information and the ability to obtain a government-granted security clearance. Individuals may also be subject to a background investigation including, but not limited to; criminal history, employment verification, education verification, drug testing, and creditworthiness.
Favor TechConsulting is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, marital status, disability, veteran status, sexual orientation, or genetic information.