Overview
Please note that this position is contingent upon the successful award of a contract currently under bid. Global in service but local in approach, Nisgaa Tek is committed to high-quality service to those who defend us. Nisgaa Tek ensures mission assurance and execution for customers and warfighters. Providing intelligence, IT, cyber security, training, logistics, administrative, acquisition, and background investigation services.
Summary
The Senior Cybersecurity Auditor provides independent security assessment and compliance oversight in support of the Defense Logistics Agency (DLA) under the J6 Enterprise Technology Services (JETS) contract.
Responsibilities
Essential Job Functions:
• Independently performs complex security analysis of classified and unclassified applications, systems, and enclaves for compliance with security requirements. • Performs Command Cyber Readiness Inspections and cybersecurity vulnerability evaluations. • Uses a variety of security techniques, technologies, and tools to evaluate security posture in highly complex computer systems and networks. • Performs vulnerability and risk analysis and participates in a variety of computer security penetration studies. • Analyzes and defines security requirements for computer and networking systems, to include mainframes, workstations, and personal computers. • Recommends solutions to meet security requirements. • Gathers and organizes technical information about an organizations mission goals and needs and makes recommendations to improve existing security posture. • Provides enterprise-wide technical analysis and direction for problem definition, analysis and remediation for complex systems and enclaves. • Provides workable recommendations and advice to client executive management on system improvements, optimization, and maintenance in the following areas: • Information Systems Architecture • Automation • Telecommunications • Networking • Communication Protocols • Application Software • Electronic Email • VOIP and VTC
Competent to work at the highest level of all phases of information systems auditing.
Qualifications
Necessary Skills and Knowledge:
• Proven proficiency performing CCRI/ vulnerability assessment/ penetration testing on networks, databases, computer applications and IT frameworks. • Knowledge and understanding of DOD security regulations, DISA Security Technical Implementation Guides. • Understanding of SCAP. • Knowledge of and proficiency with: • VULNERATOR • CYBERCOM CTO Compliance Program • Wireless vulnerability assessment • Web Services (IIS, Apache, Proxy) • Database (SQL Server, Oracle) • Email Services (Exchange) • Vulnerability Scans (NESSUS, SCCM) • Knowledge of Phishing exercises • Cloud Security • Operational Technology • Artificial Intelligence • USB Detection • Physical Security • Familiarity with AUTOCHECKLIST Tool
Strong analytical and problem-solving skills for resolving security issues. Strong skills implementing and configuring networks and networks components.
Minimum Qualifications:
• Minimum seven (7) years of IT experience • Minimum five (5) years of cybersecurity experience • Command Cyber Readiness Inspection certification or equivalent in at least one of the following areas: • Nessus Scan Analysis • Operating Systems (Windows, Unix) • Boundary Defense) Network Policy, Router, Firewall • Internal Defense (L2 Switch, L3 Switch) • DNS (Policy, BIND/Windows) • HBSS (remote console, AV, ABM, PA HIPS, ePO) • Traditional Security (Common, Basic, NCV, SCV) • Wireless Communications (BES, Handhelds) • Tenable Certified NESSUS Auditory
Required to possess a DOD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) upon assignment.
Required to be a DISA Risk Management Executive, Cyber Standards Branch Certified CommandCyber Readiness Inspection (CCRI) Team Lead and have a certification in penetration testing, such as: • Licensed Penetration Tester (LPT) • Certified Expert Penetration Tester (CEPT) • Certified Ethical Hacker (CEH) • Global Information Assurance Certification Penetration Tester (GPEN)
Preferred Qualifications:
• Bachelor's degree in a related field
Pay and Benefits
The annual salary range for this position is $100,000 - $170,000. At Goldbelt, we value and reward our teams dedication and hard work. We provide a competitive base salary commensurate with your qualifications and experience. As an employee, youll enjoy a comprehensive benefits package, including medical, dental, and vision insurance, a 401(k) plan with company matching, tax-deferred savings options, supplementary benefits, paid time off, and professional development opportunities.
Goldbelt, Incorporated is an urban Alaska Native, for‐profit corporation headquartered in Juneau, Alaska. Incorporated on January 4, 1974 following the Alaska Native Claims Settlement Act (ANCSA), Goldbelt’s primary mission is to manage assets and conduct business for the benefit of its more than 3,600 shareholders. Goldbelt first ventured into the logging and timber industry but later expanded its operations into tourism, which still remains an integral part of its operations. Today, the majority of Goldbelt’s revenue and income derives from government contracting and services.
Goldbelt’s shareholder base consists of Alaska Natives who are of Tlingit and Haida descent. The Tlingit and Haida tribes are the indigenous people of Southeast Alaska, whose rich history spans more than ten thousand years in the region. Goldbelt shareholders own the entire 272,000 shares of Goldbelt stock, representing assets in excess of $100 million in addition to over 32,000 acres of land in the vicinity of Juneau. Goldbelt seeks to honor and preserve the Tlingit culture - its history, art, dance, legends, and the traditions of its Alaska Native shareholders. Learn more about Goldbelt Heritage.
The company is named after a richly mineralized zone in Southeast Alaska that encompasses 33,000 acres of Goldbelt’s land holdings— an area that stretches along the mainland from Frederick Sound to Berners Bay. Learn more about Goldbelt Lands.