Sparktek
Short Description:
Document and address organization's information security, cybersecurity architecture, and systems security engineering requirements throughout the acquisition life cycle.
Max Vendor Rate ***
3 days - on site - 2 days - remote
Complete Description: • Analyze the securityimpact of application, configuration, and infrastructure changes to ensurecompliance with the security standard as part of the change managementlifecycle. • Assess theconfigurations of applications, servers, and network devices for compliancewith the security standard. • Analyze and document how the implementation ofa new system or new interfaces between systems impacts the security posture ofthe current environment. • Assess and document the security impact andrisks of newly discovered vulnerabilities in the environment. • Coordinate resolution of application andinfrastructure security vulnerabilities with System Owners, IT, and vendors.Track resolution of vulnerabilities and provide regular updates to management. • Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management.
- Respond to, and investigate, security incidents and provide thorough post-event nalyses. - Perform internal application penetration testing, document findings, and recommend improvements to improve the organization's security posture. - Complete nnual password security audits and coordinate completion of agency wide user ccess audits in compliance with the security standard. • Determine the protection needs (i.e., securitycontrols) for the information system(s) and network(s) and documentappropriately.
- Create nd maintain desk procedures and process documentation for all responsibilities.
3 days - on site - 2 days - remote
Complete Description: • Analyze the securityimpact of application, configuration, and infrastructure changes to ensurecompliance with the security standard as part of the change managementlifecycle. • Assess theconfigurations of applications, servers, and network devices for compliancewith the security standard. • Analyze and document how the implementation ofa new system or new interfaces between systems impacts the security posture ofthe current environment. • Assess and document the security impact andrisks of newly discovered vulnerabilities in the environment. • Coordinate resolution of application andinfrastructure security vulnerabilities with System Owners, IT, and vendors.Track resolution of vulnerabilities and provide regular updates to management. • Coordinate resolution of endpoint security vulnerabilities with users and provide regular updates to management.
- Respond to, and investigate, security incidents and provide thorough post-event nalyses. - Perform internal application penetration testing, document findings, and recommend improvements to improve the organization's security posture. - Complete nnual password security audits and coordinate completion of agency wide user ccess audits in compliance with the security standard. • Determine the protection needs (i.e., securitycontrols) for the information system(s) and network(s) and documentappropriately.
- Create nd maintain desk procedures and process documentation for all responsibilities.