Information Assurance Engineer

TekSynap•Fort Belvoir, VA

2d•Onsite

About The Position

TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers.

Requirements

Active DoD Top-Secret clearance with SCI eligibility
Minimum of DoD IAM III
Bachelor's (or equivalent) with 5 - 7 years of experience, or a Masters and 3 to 5 years of experience.
Training and Experience in eMASS / ACAS
U.S Citizenship Required

Nice To Haves

In-depth knowledge of all NIST and CNSSI publications related to RMF and security controls for national security systems (NSS) and non-NSS systems.
Working knowledge of DoD Risk Management Framework (RMF), DoD IA guidance and policies, and NIST 800 series standards.
In-depth knowledge and hands-on experience with eMASS software supporting the RMF process.
Working knowledge of ACAS Security Center to include report generation and evaluation of vulnerability and discovery scans.
Working knowledge of STIG Viewer/ eMASSter to validate STIG checklists and SCAP scans.
Ability to work effectively within a team environment as well as independently.

Responsibilities

Coordinate kickoff meetings for IS authorizations and reauthorizations.
Offer categorization guidance to data and system owners.
Provide guidance for DoD Information Technology Portfolio Repository (DITPR) and eMASS registration.
Work with system owners for system categorization and security control selection in accordance with NIST SP 800-53 and CNSSI-1253.
Support POA&M oversight for the agency to include reviews, approvals, status, mitigation, remediation strategies, and risk acceptance guidance.
Conduct continuous monitoring security control and technical review per agency schedule for all systems.
Support the Enterprise Reporting Service (ERS) Score Card submission and the associated reporting requirements to DTRA leadership.
Host risk management meetings with system owners.
Notify system owners for ATO, Interim Authority to Test (IATT), Annual Security Review (ASR), and Contingency Plan Test (CPT) due dates.
Experience in helping federal agencies manage risks associated with operating on-premise and cloud-based information systems in support of the RMF.
Advise the AODR, AO, CISO of DoD RMF matters related to systems based on the evaluation of security controls, technical findings and artifacts.
Identify, communicate, and deliver concise, coherent narratives on key issues to peers and the AO/AODR.