DISA GSM-ETI
IP Information Systems Specialist - Lead
By Light Professional IT Services
Ft. Meade, MD
By Light Professional IT Services, Inc. has a wide variety of excellent career opportunities for
qualified, motivated professionals. We offer rewarding and challenging positions with many
opportunities for career advancement. By Light believes the key to recruiting and maintaining
talented employees is a compensation package that includes not only competitive salaries but
also excellent benefits. We are currently accepting resumes for the following position. Please
contact Michael Donahue at 240-481-0214 or michael.donahue@bylight.com to discuss this
opportunity in more detail.
Job Summary:
By Light Professional IT Services has an immediate opening for a full time Lead IP Information
Systems Specialist to support By Light’s newly awarded GSM-ETI Task Order 13: Information
Assurance (IA) Network Engineering Capabilities. A Lead IP Information Systems Specialist
assesses, tests, and recommends solutions and technologies to improve Information Assurance
(IA) for the management and control of data transferred throughout the Defense Information
Network (DISN). These technologies include network devices (routers, switches, firewalls, and
Intrusion Detection Systems (IDS), and services Authentication, Authorization and Accounting
(AAA), Access Control List (ACL), secure remote access (i.e Secure shell, Secure VPN, IPSec), and
IPv6 capable devices.
Security Clearance: Minimum TOP SECRET Clearance required
Responsibilities:
 Oversees Information Systems Security Specialist Associates
 Collates and analyzes audit trail data
 Reviews security threats to network devices and determines/implements effective
countermeasures IAW established policies/regulations/directives
 Analyzes network or system changes/reconfigurations for security impacts (performs risk
analysis/assessment)
 Documents security measures policies
 Performs functions as required in support of the Defense Information Technology Security
Certification and Accreditation Program (DITSCAP) and DISAI 630-230-19
 Ensure all systems are compliant with all DoD, DISA Security Technical Implementation
Guide (STIG) and IA Vulnerability Alert/Management (IAVA/IAVM) guidelines
 Prepare security evaluation responses to any IAVA or IAVM inquiries. Work with our
solutions team, the STEP IA Tools Program Tier II team, testing engineers at the Ft. Meade
lab and our IAO, as well as all stakeholders to verify a viable and effective IAVA/IAVM plan
is implemented
 Regularly review and analyze IAV Bulletins (IAVB) and IAV Technical Advisories (IAV-TA) and
distribute via alerts and bulletins
 Perform an in-depth analysis of the IAVA review results, record any deficiencies and
prepare a strategic recommendation for risk mitigation or resolution of all findings, with
immediate attention given to Cat I and Cat II findings
 Analyze and develop functional and security requirements for a particular capability or
system
 Deliver Router and Firewall IA Test Plans and resulting Test Reports. Prepare field
recommendations and Configuration Guides
 Provide Tier III engineering support to field operations personnel and deliver Field Support
Lessons Learned reports
 Provide Certification and Accreditation (C&A) support for STEP IA tool suites
 Configure lab testing systems to comply with the STIG maintaining the operational
configuration information
 Develop POA&M (Plan Of Action and Milestones) recommendations; providing mitigation
plan recommendations to fix security findings
 Review ST&E (Security Test & Evaluation) reports and mitigate the findings
 Perform Security Readiness Review (SRR) support
Qualifications/Experience:
 Detailed-Oriented, Self-motivated experienced individual with 5+ years of experience as a
Security Engineer for DoD/DHS clients
 ST&E, C&A, Vulnerability Assessment, Penetration Testing, Firewall Management
experience required
 Exceptional problem solving and communication skills combined with expertise in DoD
STIGs
 Strong test background with DISA Gold Disk, SRR Scripts, DISA STIGs, Security Checklists,
DIACAP and NIST 800-53 Controls.
 Experience with vulnerability scanning tools such as Retina, Nessus, ISS, GFI LANGuard,
SuperScan, AppDetective, nmap, Wireshark, CIS Benchmark
 Familiar with implementation of vulnerability management (IAVM) process and POA&M
 Possess excellent interpersonal communication skills with the ability to interact with
management and staff at all levels
 Candidate should also have excellent verbal and written communication skills
 Expertise with network infrastructure components such as routers, switches, firewalls,
intrusion detection systems, etc
 Experience conducting audits, risk assessment, threat analysis, contingency planning and
implementing security standards and methods
Education/Certifications:
 BS in Networking, Telecommunications, or related area, or equivalent combination of
education, certifications and experience
 DoD 8570-01-M IAT Level II or higher to include Security+, GSEC, SCNP, SSCP, or CISSP
 CCNA or JNCIA or equivalent routing and switching experience
Work Environment:


Office location: Ft Meade Maryland
Travel: Minimal
Physical Demands:
 Ability to type, communicate via telephone and sit for extended periods of time.
**By Light is an Equal Opportunity Employer**