CAREERS @ FIS

Job Overview:

The on-site Continuous Integration /Continuous Delivery (CI/CD) application cybersecurity engineer will specialize in implementing security analysis tools and security gates into all stages of the CI/CD pipeline. Primary function is to work with agile development teams to review application risks, provide remediation recommendations, and help prevent future risks by cultivating secure coding practices. The ideal candidate is someone with a developer background, has DevSecOps experience, and has performed application cybersecurity testing in a prior role. Must also have excellent attention to detail, strong analytic, and communication skills, as well as a working knowledge and understanding of application cybersecurity toolsets used in the CI/CD DevSecOps pipelines.

Typical Duties Include:

• Provide cybersecurity guidance and direction in the design, development and implementation of automated solutions, based on a set of standards and processes that enable CI/CD developers to easily apply cybersecurity and compliance services.
• Responsible for, support of, and coordinating with other Engineers, Architects, and teams in implementing a comprehensive cloud and application cybersecurity program in a DevOps environment.
• Automate cybersecurity testing using a variety of architectures and cutting-edge technologies.
• Design, execute, and maintain automated cybersecurity testing for web applications (apps), mobile apps, and application programming interfaces (APIs).
• Actively review and implement improvements to drive continuous improvement of the efficiency, speed, and quality of the CI/CD DevSecOps environment.

Experience and Skills:

• Experience with CI/CD DevSecOps integration with tools such as Jenkins, JIRA, GitLab, and Bitbucket
• Strong experience in cloud and application cybersecurity domains.
• Experience with OR knowledge of supporting Cloud based platforms (Google, Microsoft, Amazon Web Services (AWS), and Military Cloud (MilCloud)).
• Experience with OR knowledge of Open Containers Initiative (OCI) compliant containers and OpenShift Container Platform technology utilizing Kubernetes orchestration technology.
• Strong and evolving competence in one or more programming languages and scripting using Python, Personal Homepage (PHP), Just Another Virtual
• Architecture (JAVA), JAVA Script, Power Business Intelligence (BI) and .Net Core.

Education, Certifications, and Clearance:

Intermediate:

• (5+) years of experience
• Associate of Science or Associate of Art
• Req. certification(s): Current DoD IAT Level I

Senior:

• (8+) years of experience
• Bachelors of Science or Bachelors of Art
• Req. certification(s): Current DoD IAT Level II

Required Clearance:

• Active TS/SCI
• Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FIS and/or required by FIS's Client(s)/Customer(s)/Prime contractor(s).
• Must be a U.S. Citizen and pass a background check.

Location(s):

MacDill AFB, Florida

Coronado, CA

Little Creek, VA

Position Type:

Full Time

Job Overview:

Performs assessment and authorization coordination. Advises and assists the customer with Risk Management Framework (RMF) and develops a Plan of Action and Milestones for resolving network deficiencies in accordance with DODI 8510.01 and ICD 503. The duties of this task include assessing network compliance against controls listed in NIST 800-53 and creating A&A packages. Performs assessment, compliance, and validation of IT systems to support the Cybersecurity program at USSOCOM, its Component Commands, TSOCs, and deployed forces. Execute a comprehensive assessment, compliance and validation of customer networks to ensure compliance with regulations and security and standards. The end goal is to ensure the integrity of customer systems by identifying and mitigating potential shortcomings and vulnerabilities.

Typical Duties Include:

• Tracks A&A status of SIE governed ISs. Ensures these artifacts and documentation are available in the USSOCOM-chosen automated tool.
• Advises stakeholders on the adequacy of implementation of cybersecurity requirements.
• Provide DoD & IC RMF subject matter expertise to USSOCOM, its Component Commands, TSOCs, deployed forces and their delegates, including other Contractors, and assist with the development and execution of the RMF program at USSOCOM, its Component Commands, TSOCs, and deployed forces.
• Maintain, track, and validate DISN, cloud and DIA connection approval packages, including those from USSOCOM, its Component Commands, TSOCs, and other subordinate organizations.
• Develop and maintain supporting documentation for new and existing networks, cloud environments, information systems and technologies as they are introduced into the SIE.

Experience and Skills:

• Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
• Technical background with system administration experience, architecture and engineering preferred
• Technical background in networking, identity management, Microsoft and Linux operating systems, database, and mobility.
• Working knowledge of the RMF.
• Knowledge of the Telos Xacta or Enterprise Mission Assurance Support Services (eMASS) system is desired.

Education, Certifications, and Clearance:

Associate:

• (<5+) years of experience
• Bachelors of Science or Bachelors of Art
• Req. certification(s): Current DoD 8570.01-M, DoD IAT Level II

Intermediate:

• (5+) years of experience
• Associate of Science or Associate of Art
• Req. certification(s): Current DoD 8570.01-M, DoD IAM Level II

Senior:

• (8+) years of experience
• Bachelors of Science or Bachelors of Art
• Req. certification(s): Current DoD 8570.01-M, DoD IAT Level III or IAM Level III

Expert:

• (10+) years of experience
• Masters of Science or Masters of Art
• Req. certification(s): Current DoD 8570.01-M, DoD IAT Level III or IAM Level III

Required Clearance:

• Active TS/SCI
• Maintain applicable security clearance(s) at the level required by the client and/or applicable certification(s) as requested by FIS and/or required by FIS's Client(s)/Customer(s)/Prime contractor(s).
• Must be a U.S. Citizen and pass a background check.

Location(s):

Tripler Army Medical Center (TAMC), Honolulu, HI

Job Overview:

The System Administrator is responsible for installing, configuring, and maintaining Microsoft Windows Server operating system workstations and servers, including web servers, in support of business processing requirements. Duties include performing software installations and upgrades to operating systems and layered software packages. Schedule installations and upgrades and maintain them in accordance with established IT policies and procedures. Ensure workstation/server data integrity by evaluating, implementing, and managing appropriate software and hardware solutions. Conduct routine hardware and software audits of servers to ensure compliance with established standards, policies, and configuration guidelines. Develop and maintain a comprehensive operating system hardware and software configuration database/library of all supporting documentation.

Typical Duties Include:

• Provide support for the Microsoft MECM Server. Tasks include Administration & Configuration, Troubleshooting, Documentation & SOP, Inventory & Patch Deployment, Workstation Image Deployment.
• Provide support for the following Server Applications: Microsoft IIS, Microsoft SQL Server, Temperature Monitoring, Shavlik Protect/Ivanti and Symantec Backup Exec.
• Responsible for the following tasks on Server Applications: DISA STIG Compliance, Information Assurance Vulnerability Alerts (IAVA) Patches/Upgrades, Administration & Configuration support, Documentation & SOP, Troubleshooting, and review logs via Splunk.
• Provide support for Windows Operating Systems including McAfee HBSS Administration (Antivirus, Firewall, Data Loss Prevention, ENS). Windows Workstation 10 (Enterprise and Enterprise LTSC), Windows Server 2016/2019, Active Directory Administration, MDFs/Network Printers, and Group Policy.
• Responsible for the following tasks on Windows Operating Systems: DISA STIG Compliance, IAVA Patches/Upgrades, Administration & Configuration, Documentation & SOP, Troubleshooting, Responsible for the following tasks on VMware/Storage Systems.
• Provide support for VMware Vcenter/ESXi 6.x/7.x and Storage Area Network.

Experience and Skills:

• (5) years of directly related experience.
• Technical background with experience troubleshooting, patching, and configuring Medical systems.
• Working knowledge of Windows 2016/2019 Server, Windows 10/11 Workstation, and Symantec Backup Exec 20.
• Required technical training: Administration Configuration of Assured Compliance Assessment Solution (ACAS), Host Based Security System (HBSS), Windows 2016/2019 Server, Windows 10/11 Workstation, Microsoft Endpoint Configuration Manager (MECM), Group Policy/Active Directory Management, and Symantec Backup Exec 20.

Education, Certifications, and Clearance:

• Must be a US Citizen.
• Certifications: Current DoD 8570.01-M, IAT II Certification
• Active Secret clearance.

Location(s):

Hurlburt Field, FL

Job Overview:

Perform cybersecurity auditing by reviewing audit logs of networks, information systems and cloud environments to identify information systems not compliant with DoD, ICD, NIST, CNSS and other cybersecurity policies. Advises and assists the customer with Risk Management Framework (RMF) The duties of this task include assessing network compliance against controls listed in NIST 800-53. The Contractor shall execute a comprehensive cybersecurity compliance assessment and validation of customer networks, cloud environments, information systems, hardware, software, and devices to ensure compliance with cybersecurity regulations and standards. Additionally, the Cybersecurity Auditor should be able to perform security evaluations and vulnerability assessments using the DoD Assured Compliance Assessment Solution (ACAS), Nessus vulnerability scanning tool and Security Content Automation Protocol tool. The Cybersecurity Auditor will liaison with network and system administrators to correct identified deficiencies. The Cybersecurity Auditor will also scan (or review scans) for new systems and applications being introduced into the SOF environment, identify vulnerabilities, and draft assessment reports for the government. The contractor will liaison with the Site Integration Facility (SIF) to ensure systems and application meet the standards in the DISA Security Technical Implementation Guides (STIG) and security controls defined by NIST 800-53.

Typical Duties Include:

• Utilize Security Information and Event Management tools, Active Directory Users and Computers snap-in, PowerShell, SPLUNK, and Microsoft Remote Server Administration tool to analyze cybersecurity compliance
• Provide quarterly cybersecurity hygiene report to Security Control Assessor, Authorizing Officials and other stakeholders
• Monitor system recovery processes to ensure audit log collection and procedures are properly restored and functioning correctly
• Runs weekly/monthly reports capturing current security posture and non-compliance or organizational policies for SIE assets
• Plans, participates and leads information systems assessment and audits; communicates finding to Security Control Assessor, Authorizing Official, information system owners, and other stakeholders
• Audits networks, cloud environments and information systems for Information Assurance Vulnerability Alert (IAVA)/ Information Assurance Vulnerability Management (IAVM), Collaborative Virtual Environment (CVE), Common Vulnerability Scoring Systems (CVSS), and comply to connect compliance
  

Experience and Skills:

• (5) years of directly related experience.
• Experience with the US Combatant Commands (USCENTCOM/USSOCOM) is desired.
• Working knowledge of the RMF.
• Knowledge of the Telos Xacta or eMASS system is desired.
• Must have excellent communications skill (written and oral) and interpersonal skills.
• Knowledge and experience with DoD cybersecurity processes and policies (e.g., DODI 8510.01, NIST, CNSS and other cybersecurity policies).

Education, Certifications, and Clearance:

• Must be a US Citizen.
• Certifications: Current DoD 8570.01-M, IAT II Certification
• Active Secret clearance.