Intermediate Information Assurance (IA) Analyst

CompQsoft, Inc.•Colorado Springs, CO

3d•Onsite

About The Position

Under general technical supervision, performs network monitoring, analysis, and reporting in accordance with DoD Directive 8570.01. This role involves examining potential security violations, incidents, malicious activity, and attacks to determine policy breaches, assess impact, and preserve artifacts. The analyst will enter and track events and incidents, support incident escalation, assess probable damage, identify damage control and remediation, and assist in developing courses of action. Responsibilities include supervising the installation, monitoring, testing, troubleshooting, and administration of IA hardware and software systems, as well as recommending, scheduling, and performing IA system repairs, systems administration, and maintenance. The role also involves analyzing patterns of noncompliance or attacks, recommending actions to minimize security risks and insider threats, configuring, optimizing, and testing network devices, and diagnosing and resolving IA problems. Additionally, the analyst will enhance rule sets to identify or block malicious traffic, support the design and execution of exercise scenarios, implement and monitor policies and procedures, and prepare, distribute, and maintain plans, instructions, guidance, and standard operational procedures concerning Information Security. Participation in IA risk assessments during the C&A process, preparation, review, and evaluation of compliance documentation, and making recommendations for the DAA are also key duties. The role requires reviewing IA and IA-enabled software, hardware, and firmware for compliance with security guidelines, policies, and procedures, reviewing AI security plans, identifying alternative functional IA security strategies, and reviewing security safeguards. Developing and implementing programs to ensure user awareness and adherence to IA policies and procedures is also expected.

Requirements

CompTIA SEC+ certification
BA/BS with at least 5 years of experience

Responsibilities

Examines potential security violations, incidents, malicious activity and attacks to determine if policy has been breached, assesses the impact, and preserves artifacts.
Enters and tracks events and incidents.
Supports incident escalation and assesses probable damage, identifies damage control and remediation, and assists in developing courses of action.
Supervises the installation, monitoring, testing, troubleshooting, and administration of IA hardware and software systems.
Recommends, schedules, and performs IA system repairs, systems administration, and maintenance.
Analyzes patterns of noncompliance or attacks and recommends appropriate actions to minimize security risks and insider threat.
Configures, optimizes, and tests network devices.
Diagnoses and resolves IA problems in response to reported incidents.
Enhances rule sets to identify or block sources or potential sources of malicious traffic.
Supports the design and execution of exercise scenarios.
Implements, and monitors policies and procedures reflecting the legislative intent of applicable laws and regulations.
Prepares, distributes, and maintains plans, instructions, guidance, and standard operational procedures concerning Information Security.
Participate in IA risk assessments during the C&A process.
Prepares, reviews, and evaluates documentation of compliance.
Prepares recommendations for the DAA.
Reviews IA and IA enabled software, hardware, and firmware for compliance with appropriate security configuration guidelines, policies, and procedures.
Reviews AI security plans.
Identifies alternative functional IA security strategies to address organizational security concerns.
Reviews security safeguards to determine that security concerns identified in approved policies, plans, and doctrine have been fully addressed.
Develops and implements programs to ensure that systems, networks, and data users are aware of, understand, and follow IA policies and procedures.