Information Assurance II

Bristol Bay Native Corportation•San Antonio, TX

9d•Onsite

About The Position

Eagle Integrated Services, LLC (EIS) is a government contracting and consulting firm supporting several federal agencies and military installations across the U.S. We are seeking an Information Assurance/Specialist Lvl. III to join our ongoing mission at Joint Base San Antonio. What You'll Do: Provide risk assessments and reviews for software and hardware to be deployed on the JBSA sites. Promptly report any suspected or confirmed security breaches or policy violations to the agency’s IA Manager (IAM). Address security incidents and remediate vulnerabilities that are within the DHA address IP space that belong to neighboring networks. Ensure systems will be Information Assurance and Security Compliant with all current configurations in accordance with DHA RMF accredited baselines Perform a Basic Cyber Assessment, using the NIST SP 800-171 DoD Assessment Scoring Template, and enter the results electronically in Supplier Performance Risk System (SPRS) for each covered Contractor information system that is relevant to an offer, contract, task order, or delivery order Analyze and improve system security practicesAssist the system owner and ISSO in various aspects of designing, developing, and writing certification and accreditation (C&A) documentation packages, including support of the ATO and its systems and/or environment, including but not limited to POA&M and other artifacts.Follow National Institute of Standards and Technology (NIST) and/or RMF standards in performance of job functionsAdminister the Government Mission Assurance Category (MAC) Three (MAC3) and Government MAC Two (MAC2); Sensitive but Unclassified office automation environment security features, including but not limited to, access control, malicious code protection, vulnerability and patch management, audit logs and records management, attack sensing and warning for all supporting network, computing, and information componentsAdminister and support DOD, MHS, and DHA IA security compliance reviews including ad-hoc, annual, and quarterly scans, security information requests and certification and accreditation activitiesAdminister and support security reviews of all new or modified systems, devices, and configurations to ensure a consistent security postureAdminister all security related documentation including System Security Authorization Agreements (SSAA), recording mitigation strategies, waivers, approvals, ports and protocol registration, and user rights trackingAssist in the detailed investigation and documentation of security incidents as requiredSupport the Government’s directive to maintain and sustain all aspects of CAC login and PKI technology and/or other Government authorized or required two factor identification protocol or systemMaintain application approval databases and user rights forms Utilize Government scanning tools, such as Retina, AppDetective, and Assured Compliance Assessment Solution (ACAS) and or Government provided security protocols, including forensics analysis and Intrusion Prevention System Assist Information Systems Security Manager (ISSM) in meeting their duties and responsibilitiesImplement and enforce all DoD IS and PIT system cybersecurity policies and procedures, as defined by cybersecurity-related documentationEnsure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systemsCoordinate with the ISSM to initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure that a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSOEnsure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals

Requirements

This position is pending a background check for Secret Clearance)/ Tier 3 in support of your primary duty assignment onsite.
Certification requirements to meet IAT III, IAM III.
Education requirements are a Bachelor’s degree or equivalent experience and IAM III certifications (CISSP, CASP or CISM)

Responsibilities

Provide risk assessments and reviews for software and hardware to be deployed on the JBSA sites.
Promptly report any suspected or confirmed security breaches or policy violations to the agency’s IA Manager (IAM).
Address security incidents and remediate vulnerabilities that are within the DHA address IP space that belong to neighboring networks.
Ensure systems will be Information Assurance and Security Compliant with all current configurations in accordance with DHA RMF accredited baselines
Perform a Basic Cyber Assessment, using the NIST SP 800-171 DoD Assessment Scoring Template, and enter the results electronically in Supplier Performance Risk System (SPRS) for each covered Contractor information system that is relevant to an offer, contract, task order, or delivery order
Analyze and improve system security practices
Assist the system owner and ISSO in various aspects of designing, developing, and writing certification and accreditation (C&A) documentation packages, including support of the ATO and its systems and/or environment, including but not limited to POA&M and other artifacts.
Follow National Institute of Standards and Technology (NIST) and/or RMF standards in performance of job functions
Administer the Government Mission Assurance Category (MAC) Three (MAC3) and Government MAC Two (MAC2); Sensitive but Unclassified office automation environment security features, including but not limited to, access control, malicious code protection, vulnerability and patch management, audit logs and records management, attack sensing and warning for all supporting network, computing, and information components
Administer and support DOD, MHS, and DHA IA security compliance reviews including ad-hoc, annual, and quarterly scans, security information requests and certification and accreditation activities
Administer and support security reviews of all new or modified systems, devices, and configurations to ensure a consistent security posture
Administer all security related documentation including System Security Authorization Agreements (SSAA), recording mitigation strategies, waivers, approvals, ports and protocol registration, and user rights tracking
Assist in the detailed investigation and documentation of security incidents as required
Support the Government’s directive to maintain and sustain all aspects of CAC login and PKI technology and/or other Government authorized or required two factor identification protocol or system
Maintain application approval databases and user rights forms
Utilize Government scanning tools, such as Retina, AppDetective, and Assured Compliance Assessment Solution (ACAS) and or Government provided security protocols, including forensics analysis and Intrusion Prevention System
Assist Information Systems Security Manager (ISSM) in meeting their duties and responsibilities
Implement and enforce all DoD IS and PIT system cybersecurity policies and procedures, as defined by cybersecurity-related documentation
Ensure that all users have the requisite security clearances and access authorization, and are aware of their cybersecurity responsibilities for DoD IS and PIT systems under their purview before being granted access to those systems
Coordinate with the ISSM to initiate protective or corrective measures when a cybersecurity incident or vulnerability is discovered and ensure that a process is in place for authorized users to report all cybersecurity-related events and potential threats and vulnerabilities to the ISSO
Ensure that all DoD IS cybersecurity-related documentation is current and accessible to properly authorized individuals