Information Assurance Officer (IAO)

About The Position

Requirements

• Must be a US Citizen
• Must hold an active TS/SCI clearance and be able to maintain throughout employment
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field (or equivalent experience).
• 5+ years of experience in information assurance, cybersecurity, or information security.
• Knowledge of cybersecurity principles, risk management practices, and security frameworks.
• Familiarity with NIST RMF, NIST 800-53, STIGs, or related standards.
• Experience with security assessment tools, vulnerability scanning, and compliance activities.
• Strong analytical, organizational, and communication skills.

Nice To Haves

• CI Poly with clearance
• IC-derived clearance
• Knowledge of NRO systems/processes
• SAFe certification(s)
• Experience with JIRA/Confluence and Tableau
• Professional certifications such as: Security+, CySA+, CCNA-Security, CAP, CEH
• Familiarity with cloud security environments (AWS, Azure, GCC High, etc.).
• Experience with SIEM, endpoint protection, or continuous monitoring tools.

Responsibilities

• Develop, implement, and maintain information assurance and cybersecurity policies, procedures, and best practices.
• Monitor and assess security controls to ensure compliance with organizational and regulatory requirements.
• Support Risk Management Framework (RMF) processes, including system categorization, control selection, implementation, assessment, authorization, and continuous monitoring.
• Conduct vulnerability assessments, security audits, and risk analyses.
• Assist with incident response activities, including investigation, reporting, and remediation support.
• Maintain cybersecurity documentation, including System Security Plans (SSPs), POA&Ms, contingency plans, and security assessment reports.
• Ensure compliance with applicable frameworks and standards such as NIST, CMMC, ISO 27001, DoD, or other applicable regulations.
• Coordinate with auditors, assessors, and stakeholders during security reviews and inspections.
• Track and report cybersecurity metrics, risks, and compliance status to leadership.
• Support policy development and governance initiatives.
• Collaborate with IT and engineering teams to implement security solutions and secure system architectures.
• Review system configurations and changes for security impact.
• Assist in managing access controls, account management, and security monitoring tools.
• Support vulnerability remediation and patch management efforts.
• Promote cybersecurity awareness and security best practices throughout the organization.
• Assist in developing and delivering security training programs.