Infrastructure Testing Team Lead
Description
gTANGIBLE Corporation (gTC), www.gtangible.com, is a C corporation and a registered Government contractor that provides services and solutions in:
- National Security Programs
- Professional, Administrative, and Management Support
- Mission and Warfighter Support
We are a Service Disabled Veteran Owned Small Business (SDVOSB) and the founder has years of successful experience in the Government contracting arena. Our leadership team is an exceptional group of Government contracting professionals. gTANGIBLE is in the process of identifying candidates for the following position.
Requisition Type: Full Time
Position Status: Contingent
Position Title: Infrastructure Testing Team Lead
Location: National Capital Region
Clearance: Secret
Duties and Responsibilities
The Infrastructure Testing Team Lead supports this Transportation Security Administration Information Technology (TSA IT) Task Order (TO) by overseeing operating system testing, database testing, network fabric asset testing, and wireless communication testing. Off hours testing conducted on a as needed basis. Periodic travel required.
Team duties include the following operating system testing, database testing, network fabric asset testing, and wireless communication testing:
- Become, and remain, familiar with TSA and DHS security policies and Technical Standards relating to the configuration and operation of operating systems to facilitate effective security assessments.
- Engage with testing engagement stakeholders to gather all required information needed to create detailed test plans.
- Conduct security testing of operating systems using Information Assurance and Cybersecurity Division (IAD)-provided automated testing tools in conjunction with manual configuration validation techniques.
- Troubleshoot any technical issues preventing successful completion of testing engagements within the scheduled time allotted for the engagement (i.e. insufficient credentials, whitelisting not implemented, no network access, etc.).
- Validate and enrich results generated by automated testing tools. Example activities include identification of false positive findings generated by testing tools, adjustment of finding severities based on specific considerations within, or associated with, the affected target.
- Review application stakeholder response to operating system security findings identified during security testing engagements.
- Provide Subject Matter Expertise for a variety of topics concerning operating systems in a variety of formats (verbal or written).
- Provide support for external security audits conducted of the TSA. Such support would include items such as: providing technical insight into data calls required by external Federal entities, offering technical information to facilitate external auditor’s work, or validating findings identified in external audit reports.
Knowledge and Qualifications
- At least eight (8) years of technical IT security experience. Such experience can come from system or network administration, security analysis, security testing and evaluation, security incident response, security monitoring, IT project implementation, or other similar technical activities.
- At least five (5) years of experience performing security assessments.
- At least three (3) years of experience performing security assessments of Windows and Linux operating systems.
- At least three (3) years of experience performing security assessments of databases, network fabric assets, and wireless communications.
- At least one (1) year of experience performing security assessments for Federal IT systems.
- Fluent knowledge of NIST and FIPS security controls, DISA STIGs, and CIS standards.
- The ability to work effectively in groups acting as the sole security practitioner, as well as be able to participate in a small team of security personnel reviewing the same system.
- Excellent communication skills to be able to understand concepts being verbally presented, participate in group discussions, and to present recommendations which may provide better security for the systems being reviewed.
- Strong organizational, analytical, and technical writing skills to be able to document findings in reports that can be understood by individuals with less security technical knowledge.
gTANGIBLE Corporation is an equal opportunity employer and does not discriminate against any employee or applicant because of race, age, sex, color, physical or mental disability, religion, sexual orientation, marital status, national origin, or political affiliation.