Vacancy expired!
DescriptionAkima is a global enterprise with more than 8,000 employees, delivering agile solutions to the federal government in the core areas of facilities, maintenance, and repair; information technology; logistics; protective services; systems engineering; mission support; furniture, fixtures & equipment (FF&E); and construction. As a subsidiary of NANA, an Alaska Native Corporation owned by more than 14,000 Iñupiat shareholders, Akima’s core mission is to enable superior outcomes for our customers’ missions while simultaneously creating a long-lived asset for NANA consistent with our Iñupiat values. In 2021, Akima ranked #28 on Washington Technology’s Top 100 List and #63 on Bloomberg Government’s BGOV200 List of top federal contractors. To learn more about Akima, visit www.akima.com . Core Tasks:Review Security alerts and take appropriate actions
Monitor firewall logs to identify issues
Review and approve new software requests
Work with team to design, analyze and implement efficient IT security systems
Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
Evaluate development efforts to ensure that baseline security safeguards are appropriately installed.
Ensure that security improvement actions are evaluated, validated, and implemented as required.
Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
Participate in information security risk assessments.
Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Assure successful implementation and functionality of security requirements and appropriate information technology (IT) policies and procedures that are consistent with the organization's mission and goals.
Collect and maintain data needed to meet system cybersecurity reporting
Core Knowledge, Skills and Abilities:Knowledge of business continuity and disaster recovery continuity of operations plans
Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
Knowledge of controls related to the use, processing, storage, and transmission of data
Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)
Knowledge of boundary protection and enclaving
Knowledge of authentication and access management techniques
Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. (ie. NIST, CMMC)
Knowledge of Windows server 2012,2016,2019, Windows 10
Skill in creating policies that reflect system security objectives
Knowledge of new and emerging information technology (IT) and cybersecurity technologies
Knowledge of current and emerging threats/threat vectors
Knowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)
Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
Knowledge of penetration testing principles, tools, and techniques.
Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.Knowledge of controls related to the use, processing, storage, and transmission of dataKnowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth)Knowledge of boundary protection and enclavingKnowledge of authentication and access management techniquesKnowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures. (ie. NIST, CMMC)Knowledge of Windows server 2012,2016,2019, Windows 10Skill in creating policies that reflect system security objectivesKnowledge of new and emerging information technology (IT) and cybersecurity technologiesKnowledge of current and emerging threats/threat vectorsKnowledge of vulnerability information dissemination sources (e.g., alerts, advisories, errata, and bulletins)Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)Knowledge of penetration testing principles, tools, and techniques.QualificationsMinimum Qualifications:Bachelor's Degree in Information Technology or related area (or equivalent).
Exceptional oral and written communications skills
Exceptional customer service skills
Desired Skills:Experience with Microsoft 365 Services and security offerings
Experience with Palo Alto Firewalls and Cortex XDR
Experience with Cisco Networking/security devices
Experience with Securonix SIEM
Experience with Nessus Professional
Experience with Security Sensor Management
Experience with NIST SP 800-171/800-53 Assessments
A working knowledge of network and communication equipment, protocols, and troubleshooting tools
We are an equal opportunity employer. All applicants will receive consideration for employment, without regard to race, color, religion, creed, national origin, gender or gender-identity, age, marital status, sexual orientation, veteran status, disability, pregnancy or parental status, or any other basis prohibited by law. If you are an individual with a disability, and would like to request a reasonable accommodation for any part of the employment process, please contact us atjob-assist@akima.comor 571-353-7053 (information about job applications status is not available at this contact information).Job: Information TechnologyTravel: NoOrganization: Akima, LLC Shared ServicesClearance: Not ApplicableShift: Day JobWork Type: On SiteReq ID: AKI04837
Full-time