AITC is fast-growing, proven, and reputable Information Technology Company focused on Systems Integration, Value-Added Reselling, and Professional Services of IT products and End-To-End solutions. We represent from top select manufacturers to a network of direct and indirect Customers in the Federal, State and Local Governments as well as in the Commercial sector.


AITC has an opening for a new Cybersecurity Systems Administratorlocated in

Einsiedlerhof, Germany in support of Warrior Preparation Center (WPC) Network

operation.


Position Overview:

Cybersecurity Support candidate will support Live, Virtual, and Constructive Modeling & Simulation Federations and

Systems at WPC and assist in developing constructive capabilities to train in a synthetic environment against cyber-attacks.


Job Responsibilities and Duties:


  • Serve as the operation and maintenance lead for WPC’s Assured Compliance Assessment Solution (ACAS) systems and scan/report production processes. Provide technical inputs for Cyber Vulnerability Management (CVM) and Risk Management Framework (RMF) Plans of Action and Milestones (POA&Ms) regarding remediation timelines or vulnerability mitigation to sufficient detail;

  • Provide complete scan reports of each network monthly (or after a major network reconfiguration) in the needed template/format for reporting or submission into the appropriate CVM repository. Troubleshoot and research problems with systems that do not provide a complete or fully-credentialed scan result until resolution. Accomplish vulnerability remediation (e.g. patches & updates) as well as STIG/SRG configuration compliance actions on domain core services systems and workstations in coordination with and support of WPC Communications Support system administration personnel;

  • Actively maintain lists of active hosts on the different networks and the corresponding basic inventory listings of software used to determine STIGs and/or SRGs that need to be applied. Research proposed configuration updates/changes and apply a “patch-and-test” approach as appropriate to determine if a configuration update/change will have a detrimental effect on the WPC processes and mission to make a determination on application in the operational environment;


  • Accomplish STIG/SRG checklist updates and reporting quarterly (tracking both automated compliance scans and manual STIG checklists as applicable.) Track/report compliance of configuration changes based on CYBERCOM-driven tasking orders or other DoD short-notice threat response notifications;

  • Provide guidance and subject matter expertise of DoD and AF policies, instructions related to the C&A processes, AF Security, Interoperability, Supportability, Sustainability and Interoperability (SISSU) activities, DoD Enterprise Mission Assurance Support Service (eMASS) web based tool used to implement the DoD Information Assurance C&A Process, the AF Certification and Accreditation Process (AFCAP), and DoD’s Risk Management Framework (RMF);

  • Provide security engineering to implement security controls and ensure these controls do not degrade performance and availability requirements needed to execute and sustain M&S/LVC exercises/events;

  • Report security findings and issues associated with the RMF process to the appropriate Cybersecurity POCs;

  • Provide M&S/LVC cybersecurity to include collaborating with Cybersecurity POCs to address C&A, conducting technical exchange meetings, reviewing system architecture and DIACAP or RMF as well as their respective C&A documentation, documenting problem areas and provide recommendations for a resolution, conducting site visit follow-up on issues and resolutions, and documenting recommendations for process improvements;

  • Review system artifacts (e.g., documents) for accuracy and perform hands-on testing of system security features;

  • Conduct facility visits to observe the actual processes related to each IA control (technical, personnel, operational, or management in nature);

  • Utilize tools such as Retina and Nessus scanners, DISA System Readiness Review (SRR) and Gold Disks, and database and web server security test tools;

  • Perform hands-on validation of IA control implementation in M&S/LVC;

  • Base assessment primarily on the validation procedures of the DIACAP or RMF Knowledge Service and DISA STIGs;

  • Provide specialized subject matter expertise of the M&S/LVC community’s systems;

  • Participate in meetings with system Information Assurance Security Officers (IASOs), program managers, IA managers, C&A authorities and their representatives; present overviews of issues and recommendations; and provide meeting reports that outline the discuss topics and note action items from these meetings;

  • Perform other duties as assigned.


Incumbent is required to perform all duties listed and may be required to perform additional, position-specific duties.



Mandatory Requirements:


• Certified Information Systems Security Professional (CISSP)


• Microsoft Certified Solutions Expert: Server Infrastructure and/or Red Hat Certified System Administrator,10 years’ experience.


• DoD 8570.1 IAT Level II Certification required.


• Experience with ACAS or Tenable Nessus vulnerability scanners.


ISSO cybersecurity qualification.


• Security Clearance:


Secret. The selected applicants will be subject to a security investigation and must meet eligibility requirements for

access to classified information