Cybersecurity Specialist

Roles and responsibilities

Trace Systems is actively recruiting for a Cybersecurity Support Specialist to join our team based in Kuwait. This essential role ensures the availability, integrity, identification, authentication, confidentiality, and non-repudiation of classified and unclassified information systems and/or network components within the area of responsibility of 160th Signal Brigade.

• Review and compile vulnerability or configuration status reports of Automated Information Systems (AIS) and recommend corrective actions.
• Review and assess authorization requests to ensure compliance with DoDI 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT) and provide recommendations for Government approval.
• Maintain documentation of all requests and approvals in accordance with AR, ARIMS, to include monthly IA Control validations, artifact gathering, RMF Implementation Plans (DIP), Risk Management Framework for DoD Information Technology (IT) DoD Instruction 8510.01, and all accreditation efforts.
• Review connection requests and provide recommendations in accordance with CENTCOM Connection Approval Process for approval. Maintain documentation of these requests and approvals. Prepare DISA connection authorization packages (CAP) for Defense Switched Network (DSN)/Voice system for Government review and approval.
• Maintain status of the current network architecture and engineering revisions of global MPLS and Joint Regional Security Stacks (JRSS) networks. Maintain System Network Approval Process (SNAP), perform data entry and run inquiries for Information Systems Security Program (ISSP), Army Portfolio Management System (APMS) accounts, enterprise Mission Assurance Support Service (eMASS) and Enterprise Reporting Service (ERS) and perform tasks as required.
• Prepare network diagram improvements, routing policy, network policies, and new information systems equipment selection and testing.
• Provide recommendations based on current technical documentation provided by the Joint Interoperability Test Command (JITC).
• Ensure standards are compliant for network and information systems configuration, including routing architecture, traffic engineering, inter/intra Point of Presence (POP) topology, peering policies and guidelines for maintenance activities.
• Conduct market research and provide recommendations for hardware and software based on DISA, NSA, National Information Assurance Partnership (NIAP), DoD, USCENTCOM, and US Army compliance standards.
• Track and maintain records of personnel cybersecurity training, certifications, and re-certifications for the 160th Signal Brigade and subordinate units to ensure compliance with DoD, CENTCOM, and U.S. Army regulations using ACTCS.
• Provide weekly situation awareness report of current operations and functional areas. This report will be submitted COB 1600 Kuwait time on Friday.
• Support the Government with their security assessments of proposed and CENTRIX installation sites to ensure security shortfalls are identified and corrected prior to SIPRNET installation/activation.
• Support the implementation, dissemination, and tracking of the Public key Infrastructure (PKI) in accordance with Department of Defense Instruction (DoDI) 8520.02, PKI and Public Key (PK) enabling.
• Due to Qatar's immigration and labor regulations, Qatar work visas cannot be issued to individuals aged 60 or over, and are not subject to a waiver. Additionally, foreign nationals aged 60 or older are unable to renew their Qatari visa or change sponsors. Therefore, per Qatar work visa regulations, candidates must be 59 years of age or younger to be eligible for a Qatari work visa as required for this position.
• Security Clearance An active, in-scope US Government issued Secret clearance.
• Due to the nature of the work and contract requirements, US Citizenship is required.
• This position requires a current DoD 8570 Information Assurance Management (IAM) level II certification (CAP CASP CISM CISSP (or Associate) GSLC, etc.) and must be maintained throughout the life of the contract.
• Practical network experience supporting MPLS/Internet Protocol (IP)/Virtual Private Network (VPN) networks in a carrier environment is required proficiency in Microsoft Visio and Microsoft Office applications.
• Experience and knowledge of tactical and strategic communication networks and their respective regulatory compliance standards.
• A working knowledge of DoD and Army regulations, instructions, and directives pertaining to Information Assurance (i.e., AR 25-2, AR 380.5, DoDI 8500.01, DoD Directive 8570.01, DoD Directive 8140.01, DoDI 8510.01, and all Army IA BBPs).
• The ability to demonstrate excellent verbal and written communication skills in order to provide clear and precise documents and recommendations.
• Proficiency with tools utilized in discovery and scanning of network vulnerabilities/current ACAS 40 hour training.
• High School diploma or GED

Desired candidate profile

Monitoring and Threat Detection:
Monitor networks, systems, and applications for signs of security breaches, suspicious activities, and potential threats using security monitoring tools (e.g., SIEM systems).
Identify and respond to security incidents or alerts, escalating issues as necessary.
Continuously review and update threat intelligence to stay informed of emerging security threats and vulnerabilities.
Incident Response and Resolution:
Assist in the detection, analysis, and mitigation of cybersecurity incidents such as data breaches, malware infections, and denial-of-service (DoS) attacks.
Help perform root cause analysis after a security incident to understand how the attack occurred and prevent future incidents.
Assist with the documentation and reporting of incidents to meet compliance requirements.
Vulnerability Management:
Conduct vulnerability assessments and scans to identify weaknesses in systems and applications.
Collaborate with IT teams to apply patches, updates, and security fixes to address identified vulnerabilities.
Support the creation of vulnerability management programs to track and mitigate risks across the organization.
Firewall and Network Security Management:
Assist in the configuration, maintenance, and monitoring of firewalls, intrusion detection/prevention systems (IDS/IPS), and other security devices.
Ensure network security controls are functioning properly to prevent unauthorized access and protect sensitive data.
Support the management of secure network connections, such as VPNs, to protect remote access.
. Access Control and Identity Management:
Help manage user access controls, ensuring that employees only have access to the data and systems necessary for their roles.
Assist in the implementation and maintenance of multi-factor authentication (MFA) and other identity management solutions.
Conduct regular access reviews to ensure compliance with company policies and security best practices.