Information Assurance Engineer

About The Position

Requirements

• Requires a US Citizenship and Secret Clearance.
• Bachelor’s Degree with 4-8 years of relevant experience or master’s with 2-6 years of prior relevant experience.
• Hold an active security certification that meets DOD 8570 IAT level II or higher, such as Security+.
• Excellent customer service skills and the ability to work independently.
• Ability to multi-task and self-assign work in a fast-paced environment.
• Strong communication skills that enable proactive and effective collaboration with a virtual team.
• Ability to develop and present management level briefings.
• Demonstrate potential and willingness to learn and adapt to rapid changes in technology.

Nice To Haves

• Vulnerability assessment and analysis experience utilizing ACAS/NESSUS and DISA STIGs.
• Experience with DoD implementation of the Risk Management Framework (RMF) and governing directives (NIST, CNSS, DSS, etc.).
• NIST RMF Assessment and Authorization (A&A) experience.
• Experience with operating IT security tools, such as ACAS, HBSS, DISA STIGs.
• Prior experience working Cybersecurity in accordance with US Government (USG), Department of Defense (DOD).

Responsibilities

• Serve as the System Information System Security Officer (ISSO) for various customer systems as an IA Subject Matter Expert (SME) ensuring IA is built into systems deployed to operational environments.
• Develop Project Management Plan to attain and maintain ATOs.
• Perform ISSO responsibilities, including acting as a point of contact and subject matter expert for all cybersecurity related aspects to the assigned information systems.
• Collaborate with program information assurance staff, program management, and local engineers to ensure an appropriate security posture and Authorization to Operate (ATO) accreditation conditions and requirements are maintained.
• Provide security engineering review of proposed changes or additions to the IS and advise the Information System Security Manager (ISSM) of the security relevance.
• Conduct regular briefings with the customer on cybersecurity status, including preparing briefing materials.
• Initiate the authorization or re-authorization efforts and process for new or expiring systems and coordinate, schedule, and attend required meetings.
• Conduct ongoing security reviews and tests of systems to verify security features and controls are functional and effective.
• Take corrective action to resolve identified vulnerabilities and ensure systems are operated, maintained, and disposed of in accordance with established policies and procedures.
• Assist with the implementation of security procedures, and verify information system security requirements.
• Review ACAS and container scans for each system and work with infrastructure leads to bring findings into remediation.
• Perform and/or review technical security assessments of computing environments to identify points of vulnerability and recommend mitigation strategies.
• Develop and maintain assessment and authorization documentation for management and continuous monitoring of information systems.

Benefits

• Competitive compensation.
• Health and Wellness programs.
• Income Protection.
• Paid Leave.
• Retirement.